Data Management Flashcards

1
Q

What is ICO?

A

Information Commissioner Office

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What does ICO do?

A

All companies processing personal information must register with ICO under Data Protection 1998

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is the Data Protection Act 2018?

A

Gives people to the right to know how the government and other organisations store information about you

UK implementation of GDPR

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the 7 key principles to GDPR?

A

Lawfulness, fairness and transparency
Purpose limitation
Data minimisation
Accuracy
Storage limitation
Integrity and confidentiality (security)
Accountability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Define confidentiality?

A

Confidence to share but not without permission

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is meta data?

A

Information regarding specific data such as planning documents

Includes author, dates, rules size

Not to be shared

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is intellectual property and copyright?

A

Controlled use and ownership of information

E.g employees work is owned by the employer unless copyright

Licence provided to use and reproduce

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is Freedom of Information Act 2005?

A

Controls access to official information

Public right to access information held by public authorities

All information held

Overseen by Information Commissioners Office

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

How to use a cloud based storage system and benefits?

A

Backs up on encrypted servers
Online accesss
Cheap
Enables sharing
Environmentally friendly
Multi users permitted
Documents and folders synchronised

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is an NDA?

A

Non-disclosure agreement

Protects disclosure and sharing of data

Prior to sharing data an agreement is reached

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is the Data Protection Act 2018?

A

Replaces 1998 legislation for managing personal data

Uk legalisation of EU General Data Protection Regulations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are the principles for Data Protection Act 2018?

A

Ensures data is:
- used fairly, lawfully and transparently
- used for purpose
- only retained when necessary
- processed securely

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are your personal rights under Data Protection Act 2018?

A

Right to:
- be informed on the use
- right to access
- right to be updated
- right to erase
- right to stop/restrict
- right to portability
- right to object use

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are the key persons of GDPR?

A

Controller - determines purpose and means of processing

Processor - processes on behalf of controller

Data protection officer - required by EU GDPR

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is a data protection officer?

A

Required by EU under GDPR
Process EU citizens data
Oversee the approach, strategy and implementation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Types of data used?

A

Guidance notes
Contracts
Tenders
Cost plan
Valuation data
Journals
Sub contractor information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

How to ensure compliance with Data Protection Act 2018?

A

Non-disclosure agreement for confidential information
Lockable storage
Password protection
Encryption
Consent

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

How do companies ensure compliance?

A

Only retain data needed
Inform person of use and advise why
Store securely
Delete when not needed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Outline what GDPR is?

A

Correction = change data
Portability = transfer
Evasive = delete
Access = know what is collected and how
Consent = consumer informed

20
Q

What are the principles of Article 5 of GDPR?

A

Personal data shall be:
- processed lawfully, fairly and transparently
- collected for legitimate purpose
- relevant and limited to what it is necessary in related to
- kept up to date and accurate
- kept securely to identify data no longer necessarily for purpose
- processed to ensure security

21
Q

Types of communication?

A

Graphs
Photos
Schedules
Maps
Property reports
Data storage
Benchmarking
Security

Input data = property records

Output data = rental info

22
Q

Cycle of documents?

A

Compose
Capture
Review
Approve
Retrieve
Archive

23
Q

What is personal data?

A

Under Uk GDPR Article 4:personal data is information relating to an identified or identifiable natural person
Name
Identification number
Location data
Online identifier

24
Q

What are the fines for non-compliance with GDPR?

A

4% of annual global turnover or 20m

25
Q

Types of data source

A

Primary - time consuming and expensive

Secondary - not as reliable

26
Q

How to handle 2 departments within one firm acting for two rival firms need to ensure management of data?

A
  • ensure client is aware and informed
  • conflicts of interest
  • obtain letter of instruction
  • exclusive staff access
  • NDA
  • separate working in different locations
  • documents and data store separately
27
Q

What can companies put in place to ensure GDPR compliance

A

Raise awareness across staff
Audit personal data
Update privacy notice
Review procedures
Identify and document legal basis for processing data
Review how you seek, obtain and record consent

28
Q

How do Coop manage and protect data?

A

Secure storage
Back up documents
Sharing/confidentiality of documents
Common data standards
Formatting/standardising reports
Data sharing with internal/external teams
Paper form/ digital

29
Q

What does it mean to be GDPR complaint?

A

Requirement for business to protect personal data and privacy of EU citizens

30
Q

How long does Lincolnshire Coop hold data?

A

7 years from end of relatiohip

31
Q

What is ISO27001?

A

International information Security Standard which outlines requirements for how a company should implement an information security management system.

This a governance framework for activities that allows a company to manage its information security risks

32
Q

What is data?

A

Raw facts
Unorganised
Primary
Basic inputs

33
Q

What is information?

A

Organised data which has been processed and structured
Secondary

34
Q

Why collect data?

A

As a record
Obtain information
Make decisions
Pass on

35
Q

Types of data?

A

Cost data
Market prices
Material costs
Budgets
Cash flows

36
Q

What is internal data?

A

Owned by company

37
Q

What is external data?

A

Stats
Market information

38
Q

How to protect data?

A

Access restrictions
Password
Scan, save, shred
Back up
Firewalls
Anti virus

39
Q

Principles of data management

A

Data is:
An asset
Shared
Accessible
Secure
Not duplicate
Fit for purpose

40
Q

Data management process

A

Collection
Share
Store
Access
Reassign
Delete

41
Q

What is tacit knowledge?

A

Knowledge gained through experience

42
Q

What is EDMS

A

Electronics document management system

43
Q

Benefits of EDMS?

A

High security
Data retrieval easier
Time save
Effective control
Share information

44
Q

Disadvantage of EDMS

A

Higher cost
Specialist training
Online security
Complex use
System errors

45
Q

Advantage/disadvantage of traditional management systems?

A

Adv - less cost, no specialist training, simple and user friendly, no online threat

Disadvantage - staff to upload, high cost, paper waste, time consuming, more space needed