Data Management Flashcards
What does the Data Protection Act (2018) set out?
Data Protection Act (2018)
Controls how personal information can be used and your rights to ask for information about yourself
Sets out the need to use information;
- Fairly
- Lawfully
- Transparently
What are some methods to keep data secure?
- Firewalls
- Encryption
- Cloud-based storage
- Regular back-ups
- password protection
- anti-virus software
What is copyright?
-A set of exclusive rights for the creator/author of any original work, including the right to copy
- It is essential that you acknowledge any copyright for information duplicated in your work
Can copyright be transferred?
A copyright owner can sell or transfer their rights to someone else. This is known as a copyright assignment.
What are the key pieces of data protection legislation in the UK?
Data Protection Act, 2018 and UK GDPR (General Data Protection Regulation)
What are the key aims of UK GDPR?
- aim to create a single data protection regime affecting businesses
- empower individuals to take control of how third parties use their data
- give people the right to be informed about how their personal data is used
What Individual rights are laid out in the UK GDPR?
- Right to access
- Right to be informed
- Right of erasure
-Right of rectification
-Right to object - right to data portability
- right to restrict processing
-right of automated decision making and profiling
What are some of the obligations for companies under the UK GDPR and Data Protection Act 2018?
- Conduct data protection impact assessments for holding high risk data
- demonstrate compliance to the Information Commissioner’s Office
Which body polices compliance with the UK GDPR and Data Protection Act 2018?
The Information Commissioner’s Office
What are the max fines for breaching the UK GDPR and Data Protection Act 2018?
Up to 4% of global turnover or £17.5m (whichever is greater)
When must data security breaches be reported to the ICO?
- Where it involves personal data and where there is a risk of harm to individuals
- These breaches must be reported within 72 hours
What right does the Freedom of Information Act 2000 confer to individuals?
- The right of access to information held by public bodies
How must a public body respond to an FOI request?
- They must confirm to the requestor whether they hold the requested information
- They usually must supply the information in the requested format within 20 working days
- They are able to charge for the provision of the information
What are some possible exemptions for FOI requests?
- The information could prejudice a criminal investigation or an individual’s/company’s commercial activities
- The information is contrary to GDPR requirements
Are you aware of any proposed RICS guidance related to data protection?
There is a proposed Professional Standard on data handling and preventing cybercrime
- This will address surveyors’ handling, storing and sharing of data and is likely to mandate training and practices for regulated firms and members
