Data Management Flashcards
If two separate departments at T&T were working for two competitors, how would you ensure client sensitive data was managed?
- Set up password- and personnel-restricted files
- Segregate teams working on the same commission
What data systems do you use at T&T?
The Hive
Microsoft Teams
Intranet system
Servers
Dynamics 365 for finances
What is GDPR?
General Data Protection Regulations - European law regarding data protection and how personal data can be used.
What are the 7 principles of GDPR?
- Data Accuracy
- Data Minimisation
- Purpose limitation
- Storage limitation
- Accountability (of data)
- Integrity and Confidentiality
- Lawfulness and Transparency
Can you name the individual rights of GDPR?
- To access
- To rectify
- To erase
- To object
- To be informed
- To restrict processing
- To data portability
- To automated decision making & profiling
How long should you keep data for?
6 years if under hand.
12 years if deed.
RICS recommends 15 years, as claims can be made for up to this long.
What is the Data Protection Act?
UK’s implementation of GDPR.
The act ensures data is used fairly, lawfully and transparently, used in a way that is relevant to its purpose and is not retained for any longer than necessary.
What are a person's rights under the DPA?
- To be informed
- To access
- To rectify (incorrect data)
- To have data erased
- To stop processing
- To object to the use
Who are the key people under the GDPR rules?
- Controller - determines the purpose and means of processing the data
- Processor - processes personal data on behalf of controller
- Data Protection Officer - leadership role required by GDPR for companies that process data of EU citizens.
What are the sanctions for breach of GDPR?
Up to £20m appropriate to the breach or 4% of turnover