Data Management Flashcards
What are the main aims of the Equality Act 2010?
The Equality Duty has three aims. It requires public bodies to have due regard to the need to:
1 - eliminate unlawful discrimination, harassment, victimisation and any other conduct prohibited by the Act;
2 - advance equality of opportunity between people who share a protected characteristic and people who do not share it;
3 - foster good relations between people who share a protected characteristic and people who do not share it.
What is the Equality Act 2010, and what does it cover?
The Equality Duty replaces the three previous public sector equality duties - for race, disability and gender. The Equality Duty now covers the following protected characteristics:
1 - age
2 - disability
3 - gender reassignment
4 - pregnancy and maternity
5 - race - this includes ethnic or national origins, colour or nationality
6 - religion or belief - this includes lack of belief
7 - sex
8 - sexual orientation
9 - marriage and civil partnership (only in respect of the requirement to have due regard to the need to eliminate discrimination)
What is GDPR?
The General Data Protection Regulation (2016), which came into force on 25 May 2018. It aims to create a single data protection regime for the EU.
What act implemented the GDPR in the UK?
Data Protection Act (2018) which replaced the Data Protection Act 1988
What are the fines for non-compliance with GDPR?
Up to 4% of global turnover or 20 million euros (whichever is greater)
What do you need to do if you have a data breach?
Notify the Information Commissioner's Office (ICO) within 72 hours of the breach occurring
What are the principles of the Data Protection Act 2018?
Processed lawfully, fairly and in a transparent manner
Collected for a specified and legitimate purpose
Accurate
Not transferred to countries with less information than your own
What are the individual rights under GDPR?
There are 8:
Information
Access
Rectification
Erasure
Restrict Processing
Data Portability
Object
Automated decision making
What is an SAR?
Subject Access Request - demand that an individual be given all the information that a company holds on them
What are the principles of GDPR?
There are 7:
Lawfulness, fairness and transparency
Purpose limitation - be specific about the purpose of the data collection
Data minimisation - only collect it when you need it
Accuracy
Storage limitations - store data for a necessary limited period and then erase
Integrity and confidentiality - keep it secure
Accountability - record and prove compliance
What is your understanding of the term confidentiality?
Where information is provided but is subject to confidence and not shared without permission
What is your understanding of the term Meta Data and why is this important?
Meta Data is information about a specific piece of data, e.g., file size, author, date a document was created
It is important as we must ensure that Meta Data is afforded the same level of care as all other confidential data.
What is your understanding of Intellectual Property and Copyright?
This is the right to control the use and ownership of original works.
Work generally created by an employee usually belongs to their employer unless copyrights are put in place.
What is the Freedom of Information Act 2005?
Primary piece of UK legislation that controls the access to official information.
The act permits the public right of access to information held by public authorities.
Information must be published through the public authority's publication scheme.
The act covers all information held and not just information since the act came into effect.
What are the benefits of cloud-based storage systems?
Information is backed up securely on encrypted servers.
Accessibility can be managed via online settings.
Often cheaper than costs of physically storing and managing files.
Convenient to send/share files online
More environmentally friendly
Multiple users can access the same documents
Documents and folder systems can be synchronized