Data Management Flashcards

1
Q

What are the individual rights under UK GDPR?

A

a. Users have the following rights
i. Right to be informed
ii. Right to access
iii. Right to rectification
iv. Right to erasure
v. Right to restrict processing
vi. Right to data portability
vii. Right to object
viii. Rights to automated decision making and profiling

2
Q

Who deals with data breaches and when does a breach need to be reported?

A

a) Data breaches are policed by the Information Commissioner's Office (ICO)
b) A data breach has to be reported within 72 hours of becoming aware of the breach

3
Q

What are the punishments for breaching DPA 2018?

A

Can be fined up to 4% of annual worldwide turnover or £17.5m, whichever is greater

4
Q

Principles of the UK GDPR

A

The storage of personal data must be:

a) processed lawfully
b) collected for specified, explicit and legitimate purposes
c) adequate, relevant and limited to what is necessary for the purposes for which they are processed
d) accurate and, where necessary, kept up to date
e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed
f) processed in a manner that ensures appropriate security of the personal data
g) Article 5(2) requires that “the controller shall be responsible for, and be able to demonstrate, compliance with the principles.”

5
Q

Can personal data be kept indefinitely?

A

a. Yes if for the following reasons:
i. Archiving purposes in the public interest
ii. Scientific or historical research purposes
iii. Statistical purposes

6
Q

What is the Freedom of Information Act 2000?

A

Gives individuals the right of access to information held by public bodies

7
Q

How do you protect data you receive?

A

a. Encrypting data
b. Clear desk policy
c. Locking screens when not at desk
d. Regular password updates
e. Anti-virus software
f. Firewalls
g. Disaster recovery procedures

8
Q

What is copyright?

A

a. A set of exclusive rights granted to the creator of any original work, including the right to copy
b. These rights can be licensed, assigned or transferred
c. Crown copyright is material created by the government including laws, public records and OS mapping

9
Q

How can you improve security of data?

A

a. Firewalls
b. Encryption
c. Passwords

10
Q

What is a firewall?

A

Network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules

11
Q

What is encryption?

A

The method by which information is converted into secret code that hides the information’s true meaning

12
Q

How long should you keep records for?

A

The UK GDPR does not set specific time limits for different types of data. This is up to you, and will depend on how long you need the data for your specified purposes

13
Q

Are RICS due to release any documentation on Data handling?

A

Proposed RICS Professional Statement on Data Handling and Prevention of Cybercrime

14
Q

How would you dispose of sensitive data?

A

If it was physical, I would dispose of it in the correct disposal bins that are placed around the office that are removed by specialist companies regularly and disposed of

15
Q

How do you comply with UK GDPR when dealing with mailing lists?

A
16
Q

What nature of UK GDPR training have you undertaken at JLL?

A
17
Q

What systems does JLL have in place to ensure data security?

A
18
Q

What sorts of information can a firm reasonably retain in order to comply with other laws?

A
19
Q

Paradise acronym

A

P: Portability
A: Access
R: Rectification
A: Automated decision
D: Data erase
I: Informed
S: Strict process
E: Exercise right to object (Object)