Data Management

Question 1

What are the 7 key principals of the UK GDPR?

Answer 1

1. Lawfulness, fairness and
   transparency
   
   2. Purpose limitation
   3. Data minimalisation
   4. Accuracy
   5. Storage limitation
   6. Integrity and confidentiality
2. Accountability

Question 2

What are the 8 Individual Rights under UK GDPR?

Answer 2

1. Right to be informed
2. Right of access
3. Right to rectification
4. Right to erasure
5. Right to restrict processing
6. Right to data portability
7. Right to object
8. Right to automated decision making and profiling

Question 3

What is the aim of UK GDPR?

Answer 3

• To create a single data protection regime affecting businesses and empower individuals to take control of how their data is used by third parties
• It gives people the right to be informed about how their personal information is used

Question 4

What are the Key Requirements of UK GDPR?

Answer 4

• Conduct data protection impact assessments for high risk holding of data
• Data security breaches need to be reported to the Information Commissioners Office (ICO) within 72 hours of the breach
• Fines up to £17.5 million or up to 4% of companies global turnover - whichever is greater
• Policed by ICO

Question 5

What are the key principals of the Freedom of Information Act 2000

Answer 5

• Gives individuals the right of access to information held by public bodies
• The public body must tell any individual requesting sight if information whether it holds it
• Normally the public body is required to supply it in 20 working days in the format requested
• It can charge for the provision of information

Question 6

How does your firm ensure compliance with GDPR?

Answer 6

• By encrypting data on a secure hard disk drive
• Use of password protection and anti-virus software
• By regularly backing up data off site
• Use of firewalls and disaster recovery procedures