Data Management Flashcards
How is project information stored within your employer’s organisation?
Project data can be stored locally in files with restricted access to only those who need it.
What is an EDMS?
Electronic Data Management System – software (usually cloud/online based) which collectively stores comprehensive data and documents. This is an alternative to paper files or a simple electronic folder system.
What are some examples of how data can be kept secure?
- Firewalls.
- Regular changing of passwords (e.g. every 30 days).
- Virus protection.
- Backing up data.
- Using two-step verification.
What legislation dictates the storage and sharing of information?
- Data Protection Act 2018.
- The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR). Everyone responsible for using personal data has to follow strict rules called ‘data protection principles’. They must make sure the information is: used fairly, lawfully and transparently.
What are your rights under the Data Protection Act 2018?
- be informed about how your data is being used
- access personal data
- have incorrect data updated
- have data erased
- stop or restrict the processing of your data
- data portability (allowing you to get and reuse your data for different services)
- object to how your data is processed in certain circumstances
What are the Data Protection Principles?
They make sure information is:
- used fairly, lawfully and transparently
- used for specified, explicit purposes
- used in a way that is adequate, relevant and limited to only what is necessary
- accurate and, where necessary, kept up to date
- kept for no longer than is necessary
- handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage
What is the purpose of GDPR?
GDPR protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data.
What are the seven fundamental principles under GDPR?
- Lawfulness, fairness and transparency;
- Purpose limitation;
- Data minimisation;
- Accuracy;
- Storage limitation;
- Integrity and confidentiality;
- Accountability.
What are the eight rights under GDPR?
- Right to be informed;
- Right of access;
- Right to rectification;
- Right to erasure;
- Right to restrict processing;
- Right to data portability;
- Right to object;
- Rights concerning automated decision-making and profiling.
What are the penalties for a breach of GDPR?
A fine of up to the greater of £17.5m or 4% of a company’s global annual turnover.
What additional legislation is there in relation to data management?
- The Freedom of Information Act 2000.
- Gives the right to request information held by public authorities.
- If a written request is submitted, the public body must provide a written response within 20 working days.
- The response can either provide the information (potentially with a fee payable) or refuse to provide it, including an explanation.
How may a conflict of interest relate to data management?
- Use of information barriers when departments in the same firm are acting for different clients in relation to the same professional assignment.
- Confidential information conflict – The duty to share information with one party, which conflicts with the duty owed to another party to keep that same information confidential.
What steps could be taken when an information barrier is needed?
- Physically separating departments.
- Monitoring conversations between employees and clients.
- Splitting up record-keeping systems.
- Setting up access controls.
How long should information be stored in relation to a completed job?
- Under the Limitation Act 1980, claims can be brought up to 12 years from the date of breach depending on the method of execution of a contract.
- 6-year limitation period for contracts executed under hand.
- 12-year limitation period for contracts executed as a deed.