Data Management Flashcards
What is your understanding of the term confidentiality?
Where information is provided but is subject to confidence and not shared without permission.
What is the Freedom of Information Act 2000?
- This is the primary piece of UK legislation that controls the access to official information.
- The act permits the public right of access to information held by public authorities.
- Information must also be published through the public authorities publication scheme.
- The act covers all information held and not just information since the act came into effect.
What are the benefits of cloud based storage systems?
- Information is backed up securely on encrypted servers.
- Accessibility can be managed via online settings.
- Cloud systems are often cheaper than the costs of physically storing and managing files.
- It is convenient to send and share files online instead of mailing physical copies.
- Cloud systems are environmentally friendly.
- Multiple users can access the same documents.
- Documents and folder systems can be synchronised.
What is the meaning of a non-disclosure agreement?
- Non-disclosure agreements are used to protect against the disclose or sharing of any confidential data.
- Prior to the confidential data being shared with a recipient, clients will typically request that the recipient signs up to an NDA.
- They are often used when confidential, sensitive, innovative or intellectual property information is being shared to prevent this information being used by competitors.
What is the Data Protection Act 2018?
- The act replaces the previous 1998 legislation and manages how personal data is processed by organisations and the government.
- It is the UK legislation for the implementation of the EU General Data Protection Regulations (GDPR).
What are the key principles of the Data Protection Act 2018?
The act ensures that data is:
1. Used fairly, lawfully and transparently.
2. Used in a way that is adequate, relevant and limited to only the purpose it is intended.
3. It is retained for no longer than necessary.
4. Processed securely including the protection against unlawful use, loss or destruction.
What are a person’s rights under the Data Protection Act?
People have the right to:
1. To be informed about how their data is being used.
2. The right to access their data.
3. The right to have incorrect information updated.
4. To have their data erased.
5. To stop or restrict the processing of their data.
6. The right of portability.
7. To object to the use of their data.
Who are the key persons outlined with GDPR?
Controller: The natural person or legal entity that determines the purposes and means of the processing of personal data for example when processing an employee’s personal data, the employer is considered to be the controller.
Processor: A natural person or legal entity that processes personal data on behalf of the controller for example a call centre acting on behalf of its client is considered to be a processor.
Data Protection Officer: A leadership role required by EU GDPR. Exists within companies that process the personal data of EU citizens.
What are the 8 individual rights under GDPR?
- To be informed.
- Of access.
- Of rectification.
- To erasure.
- To restrict processing.
- To data portability.
- To object.
- Rights of automated decision making and profiling.
- Diversity, Inclusion and Team Working.
How do companies ensure compliance with the Data Protection legislation generally?
- They should only retain data they need to perform their day to day operations.
- If they are retaining someone’s data they should ensure that the person is kept informed and advised on why they have it.
- They should hold the data securely.
- They should also keep the information up to date and delete information they no longer need.
