Data Management Flashcards
What are the principles of GDPR?
LADPASS
*Lawfulness (Fairness and Transparency)- keep client fully informed
*Accuracy- keep info up to date. Erase inaccurate data
*Data minimisation- only collect the data you need
*Purpose- inform client about purpose for collecting/storing data
*Accountability- record and prove compliance
*Storage- only retain data for the necessary amount of time
*Security (integrity and confidentiality)- keep it locked away aka password protected
How do you comply with GDPR in your role?
*Retain necessary data only
*Keep individual informed on storage and use
*Hold data securely
*Accuracy- keep info. up to date and only hold data required
How do you ensure data is kept securely?
Securely store the data in a password protected file/lockable storage for physical files
Lock computer when away from my desk
Obtain clients written permission to process information not available in the public domain
Attend yearly cyber security courses and regularly updating my password
What do the Privacy and Electronic Communications Regulations 2003 apply to?
Electronic communication.
Makes it unlawful to transmit automated recorded messages for direct marketing purposes via telephone without prior consent from the subscriber
Unlawful to send direct marketing to subscribers without their prior consent. Therefore marketers can’t just add consumers details to their database and offer an opt out after they’ve started sending marketing
What is copyright?
A set of exclusive rights granted to the author/creator of any original work, including the right to copy the work. The rights can be licensed/assigned/transferred
What is the Freedom of Information Act (2000)?
The act gives individuals the right to access information held by public bodies.
Public bodies must supply this information within 20 working days if they have it
Exemptions: if it can hinder a criminal matter under investigation
Tell me about retention of files and the Limitations Act (1980)?
Section 5 of Limitations Act states that the minimum time any information should stored is for 6 years after the business has expired so it can be referred back to if any disagreements arise
What is a primary data source?
Data collected directly from the source without going through any other source.
Pros
*Specific
*Accurate
*Date (up to)
Cons
*Expensive
*Time consuming
*Feasible (not)
What is a secondary data source?
Data that has been collected by someone else in the past but has been made available for use now (3rd party primary data)
Pros
*Easily accessible
*Affordable
*Not time consuming to collect
Cons
*May not be authentic or reliable
*Might have to deal with irrelevant data
*Might be outdated
What is the difference between a deed and a registered title?
A deed: signed tangible document that confirms transfer of ownership from one party to another.
Registered title: claims to several rights relating to a property including the rights to own, control and use it. The title incorporates all prior transfers and usage of the property and land
How do you source title information?
Official copy of a register and/or title plan by:
*Filling in an OC1 form and posting it to HMLR
Online using HMLR website.
What is the difference between paper (manual) records and electronic records?
Paper records: take up more space
accessed quite easy
destroyed without leaving trace
Electronic records: stored online
harder to destroy
ability to be hacked
can easily be tampered with
What is encryption?
The process of protecting information or data by using mathematical models to scatter the data in a way that only people who have the key to unscramble it can access the data
What is a firewall?
A network security device that filters and monitors incoming and outgoing network traffic based on an organisations previously established security policies
How do you protect data from viruses?
Keep software up to date
Firewalls
Antivirus software
Choosing a strong password
