Data Management

Question 1

What are the data act responsibilities regarding the information?

Answer 1

• Used fairly, lawfully and transparently
• Used for specified, explicit purposes
• Used in a way that is adequate, relevant and limited to only what is necessary
• Accurate and, where necessary is kept up to date.
• Kept for no longer than is necessary.
• Handled in a way that ensures appropriate security, including protection against. unlawful or unauthorised processing, access, loss, destruction or damage.

Question 2

Where is there stronger legal protection for more sensitive information?

Answer 2

• Race
• Ethical background
• Pollical opinions
• Religious beliefs
• Trade union membership
• Genetics
• Health
• Sex life or orientation

Question 3

What is triangulation?

Answer 3

Means using multiple datasets, methods, theories and/or investigators to address a research question.

Question 4

When would you use Triangulation?

Answer 4

Landstack / EA flooding / Historic England / Local plan policy map for constraints.

Question 5

What is internal information?

Answer 5

Information we share within our team and office within the company.

Question 6

What is external information?

Answer 6

o EG
o Land Reg
o Clients Info
LandInisght

Question 7

What can data security technologies include and how can security of data technology be improved?

Answer 7

• Firewalls
• Encryptions
• Password Protection
• Use of anti virus software protection
• Regular back ups off site
• PDF – read only copies should be sent so they cannot be altered – this shows accountability.

Question 8

What does Stonebond do and what are actions in your company / office to ensure the security of data?

Answer 8

• When we log into our systems – we have to authenticate it – using the Microsoft authentication which is connected to our phone. Meaning you cannot access our system without verification every day.
• Always have passwords to get into every computer
• Passwords for folders and only people working on them have passwords for those sites etc.
• Always shred paper when finished / try and become more paperless.

Question 9

Why is security so important?

Answer 9

To protect against:
- Unlawful proceedings
- Access
- Loss
- Destruction
- Damage

Question 10

What is a non-disclosure agreement?

Answer 10

NDA is also known as a confidentiality agreement.

It is a legally binding contact that establishes confidential relationship.

Question 11

Are there any exemptions when you can release personal data?

Answer 11

Yes.
* If it would prejudice a criminal investigation.
* Contrary to GDPR Requirements
* Prejudice a person/organisation commercial interest

Question 12

How do you make sure to keep up to date with agreements etc?

Answer 12

Private diary reminds for who is working on that project.

Question 13

What would you do if sensitive information?

Answer 13

Act in accordance with data protection act
* Then just what was in my head.
* 4 closed walls
* Password protected
* Speak to that client how would they like to be communicated.

Question 14

What is an SAR?

Answer 14

Subject Access Request - Demand that the individual be given all the information that a company holds on them.

Question 15

What does the Data Protection Act do?

Answer 15

• Makes our data protection laws fit for the digital age when an ever increasing amount of data is being processed.
• Empowers people to take control of their data.
• Supports UK business and organisations through this change.

Question 16

Key Requirements under the Data Protection Act are?

Answer 16

• An obligation to conduct data protection impact assessments for high risk holding of data.
• New rights for individuals to have access to information on what personal data is held and to have it erased.
• A data controller decides how and why personal data is processed and is directly responsible for GDPR.

Question 17

What happens if there is a Data Security Breach?

Answer 17

Data Security Breaches need to be reported to the ICO – Information Commissioners Office.
This needs to happen within 72 hours – when there is a loss of personal data and a risk of harm to individuals.

Question 18

Who is the Data Protection Act policed by?

Answer 18

The Information Commissioners Office

Question 19

What are the fines / punishments?

Answer 19

An increase in fines to up to 4% global turnover of the company or 17.5 million euros (whichever is the greater).

Question 20

What are the principles of GDPR – in relation to the storage of personal data?

Answer 20

1) Processed lawfully, fairly and transparently.
2) Collected for specified and legitimate purpose.
3) Relevant and limited to what is necessary of the purpose for which they are processed.
4) Accurate and where necessary kept up to date.
5) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
6) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Question 21

What are the 8 Individual Rights Under GDPR?

Answer 21

1) Right of Access
2) Right of Automated Decision Making
3) Right to be Informed
4) Right to Object
5) Right to Data Portability
6) Right to Removal
7) Right to Rectification
8) Right to Restrict Processing