Data Management

Question 1

How do you set up a data room and ensure its security?

Answer 1

Data room is a secure data sharing platform used to store clients files

1. Select file provide.
2. Create firewall / security wall
3. Upload client files
4. Provide access to relevant personnel

Question 2

What are some of the principles of GDPR?

Answer 2

Outlined in Article 5:

Data must be:

1. Processed LAWFULLY, FAIRLY and in a TRANSPARENT manner.
2. Collected for LEGITIMATE and SPECIFIC purposes
3. KEPT UP TO DATE
4. Kept in a form which permits identification of data subjects for NO LONGER THAN NECESSARY
5. Processed in a manner that ensures SECURITY.
6. INCORRECT DATA to be erased or rectified without delay

Question 3

What individual rights under UK GDPR?

Answer 3

The right to be informed

The right to access

The right to object

The right to erasure and blocking

The right to rectify

The right to file a complaint

The right to damages

The right to data portability.

Question 4

What is Copyright?

Answer 4

1. Exclusive rights granted to the creator of original work, including rights to copy.
2. Rights can be licensed, assigned or transferred.
3. Form of intellectual property.
4. Individuals need to acknowledge any copyright for information duplicated in your work.

Question 5

What is the UK Data Protection Act 2018?

Answer 5

Applies data protection standards set out by EU GDPR.

Sets the provisions for processing personal data giving individuals the right to be informed about how their personal information is used by third parties.

Question 6

What are the fines associated for data breaches?

Answer 6

Firms can be fined up to 4% of global turnover or £17.5 million (whichever is greater).

Question 7

Who should data security breaches be reported to?

Answer 7

ICO - Information Commissioner’s Office

Question 8

When do data breaches need to be reported?

Answer 8

Within 72 hours of the breach, where there is a loss of personal data and risk of harm to individuals

Question 9

What should you do if you breach GDPR?

Answer 9

1. Inform line manager and compliance officer
2. Request the recipient of the information disposes of it securely.
3. Inform client of the breach
4. Report to ICO

Question 10

What are the key requirements of the Data Protection Act 2018?

Answer 10

1. Obligation to conduct date protection impact assessments.
2. New rights for individuals to have access to information and have it erased.
3. New principle of ‘data accountability’ - organisation must prove how they comply with new regulations.

Question 11

What is an NDA?

Answer 11

Non-disclosure agreement

Legally binding contract that establishes a confidential relationship and protects the information, they share from being disclosed to outsiders.

Question 12

What gives individuals rights to access information held by public bodies?

Answer 12

Freedom of Information Act 2000

Question 13

What do you understand about the Freedom of Information Act 2000?

Answer 13

• Public body must say to individual requesting sight of information whether they hold it
• Public body required to provide this information in 20 days
• It can charge for the provision of the information

Question 14

When would there be exemptions to this?

Answer 14

1. If GDPR is breached
2. It would prejudice a criminal matter under investigation