Data Management Flashcards
What are the 7 principles of Atricle 5(1) of Data Protection 2018 and GDPR
Right to be Informed
Right of access
Right to rectification
Right to Erasure
Right to restrict processing
Right to data portability (use for their own purposes)
Right to object
Right to automated decision making and profiling
Tell me more about a Non Disclosure Agreement
Legally enforceable contract between 2 parties relating to sensitive info. Agreement will create a confidential relationship between a person who has sensitive info and a person who has access to that info. Party that was harmed by the breach of NDA can take legal action to enforce the agreement and seek damages for any losses that were incurred.
What type of data secuirty technologies are there?
Disk Encryption
Regular backups off site
Cloud storage
Password proptection and use of anti virus software protection
Firewall and disaster recovery procedures
What types of tasks would you complete on Excel?
Analsying comparable sales data, data analysis e.g. pivot tables, charts and graphs.
What makes information sensitive?
Confidentiality- Personal data, financial details, propriety info
Privacy concerns- personal safety risk
Commercial or competitive value- Business info that could harm an organisation’s position or operations if leaked.
Security risk- passwords, sensitive gov or military info
What principles are outlined in the UK GDPR Article 5(1)?
Processed lawfully and in a transparent manner.
Collected for specified and legitimate purposes.
Accurate and up to date (inaccuracies should deleted or rectified ASAP).
Kept in a way that the subject should not be identifiable for longer than necessary.
Processed to ensure security of data
What happens to password-protected documents when you leave the company?
Password protected documents will be created and run by the IT department. They’ll give you the password which you will not be able to change. If you leave, then the IT department can provide details of the password if the document is needed by others.
How did you verify the information from your comps?
Spoke to the letting agents and if possible the tenants agent in order to verify the information I was being told. Would assume they are not lying as they are RICS professionals who should be following the code of conduct.
What would you do if you accidentally send out personal details to another applicant?
Call/follow up email telling them to delete the information without opening it, inform the LSH Data Protection Office (who may inform ICO within 72 hours), let the person whose data was breached know
How do you ensure you keep client’s data secure?
By following the Data Protection Act 2018 – LSH have password protected computers with an encrypted VPN. I also ensure I do not leave any papers on my desk overnight.
