Data Management Flashcards

1
Q

What are the principles set out in Article 5 of the UK GDPR 2020?

A

LS MAPS

Lawful
Securely Processed
Data Minimisation
Accurate
Purpose Limitation
Storage Limitation

Article 5:
Processed lawfully, fairly, and in a transparent manner.
Collected for specified, explicit, and legitimate purposes.
Adequate, relevant, and limited to what is necessary.
Accurate and Up-to-Date.
Kept in a form that permits identification for no longer than is necessary.
Processed in a way that ensures appropriate security.
Data controller will be responsible for, and can evidence, compliance with the principles.

2
Q

What is the purpose of UK GDPR?

A
  • Aims to create a single data protection regime.
  • Empowers individuals to take control over how their data is used.
  • Rights to be informed of how data is being used.
3
Q

When should a data breach be reported?

A

Personal data breaches must be reported to the ICO within 72 hours.

4
Q

What is the ICO?

A

Information Commissioner's Office

5
Q

What is the maximum fine for a data breach?

A

Up to 4% of Global Turnover OR £17.5M

6
Q

What are examples of data security measures?

A
  • Disk encryption.
  • Regular back up of data.
  • Password protection.
  • Anti-virus software.
  • Firewalls.
  • Disaster recovery procedures.
  • Two-factor authentication.
7
Q

Explain how your data storage system keeps data secure.

A
  • Limited access to SharePoint.
  • Deleted data is retained elsewhere for 30 days so it can be recovered if a mistake is made.
  • Records who inputted data and when.
  • Classification of documents and emails.
  • Password protected.
8
Q

What is a data controller?

A

Determines the purposes and means of processing personal data.

Can be alone or joint role.

9
Q

What is a data processor?

A

Processes the personal data on behalf of the data controller.

10
Q

What legislation is relevant to data management?

A

Data Protection Act 2018

11
Q

What are the individual rights under UK GDPR?

A
  • Informed
  • Access
  • Rectification
  • Erasure
  • Restrict Processing
  • Data Portability
  • Object
  • Automated decision making including profiling
12
Q

What is the Freedom of Information Act 2000?

A

Right for individuals to access information held by the public sector.

13
Q

What are the exemptions from an FOI request?

A
  • Personal data.
  • Matters of national security.

Request must be in writing.

14
Q

How many days must a response be provided in for an FOI request?

A

20 working days.

14
Q

What is personal data?

A

Anything that identifies a person, e.g. name, gender, location data, or cultural, social or economic information relating to an individual.

15
Q

What are the benefits of a cloud-based storage system?

A
  • Information is backed up securely on encrypted servers.
  • Accessibility can be managed via online settings.
  • Cloud is often cheaper than storing hard copy files.
  • Convenient to send and share files online.
  • Environmentally friendly.
  • Multiple users can access the same documents.
  • Collaboration on documents.
16
Q

What is the meaning of a non-disclosure agreement?

A
  • Non-disclosure agreements are used to protect against the disclosure or sharing of any confidential data.
  • Clients will typically request that a recipient signs an NDA.
  • Used when confidential, sensitive, innovative or intellectual property information is being shared to prevent this information being used by competitors.
17
Q

If two separate departments within your firm were working for rival companies, how would you ensure client sensitive data was managed?

A
  • Make client aware of the risks.
  • Conflict of interest checks.
  • Letter of instruction to continue.
  • Methods of managing this would include NDAs, single lines of communication to client, separate working locations (information barriers), secure storage of data.
18
Q

Who are the key persons outlined within GDPR?

A

Data Controller - natural person or legal entity that determines the purposes and means of the processing of personal data.

Data Processor - processes personal data on behalf of the controller.

19
Q

What things must companies put in place to ensure GDPR compliance?

A
  • Raise awareness across your business.
  • Audit all personal data.
  • Update your privacy notice.
  • Review your procedures supporting individuals’ rights.
  • Identify and document your legal basis for processing personal data under the GDPR.
  • Review how you seek and obtain consent.
20
Q

How is data managed and protected in your firm?

A
  • Secure document storage.
  • Back up of documents.
  • Sharing/confidentiality of documentation.
  • Common data standards.
  • Formatting/standardising reports.
  • Data sharing with internal and external teams.
  • Paper form/digital form.