Data Management L1 Flashcards
What is CRCA, what does it apply to?
- Commissioners for Revenue and Customs Act (2005)
- Applies to HMRC officers and provides a duty of confidentiality
- Also sets out criminal penalties for wrongful disclosure
How does CRCA 2005 apply to your work?
Talk Sections
- S.10 - Confirms who we can advise, for example public authorities, HMRC, advice for the greater public good
- S.17 Allows the exchange of information between HMRC and VOA
- S.18 Allows the sharing of NECESSARY AND PROPORTIONAL information externally in line with our statutory function, such as discussing RALDS
- S.19 Makes it a criminal offence to disclose information that could identify an individual unless covered by S.18
What is the Freedom of Information Act 2000 and when can a request be rejected?
Gives the right to request information held by public authorities, who must respond within 20 days
Request can be rejected if:
* Related to criminal matter under investigation
* Too costly
* Request is vexatious
* Request is a repeat
* Contrary to GDPR
What is the Data Protection Act 2018?
- UK’s implementation of the General Data Protection Regulation 2016 (GDPR)
- Complete data protection system – as well as governing personal data covered by GDPR, it covers all other general data as previously covered by the 1998 Act
What is GDPR?
General Data Protection Regulations effective from May 2018
GDPR controls how personal data is used by organisations.
Aims to create a single data protection regime for anyone doing business in the EU and to empower individuals to take control of how their data is used by third parties
There are 7 principles and 8 personal rights.
What are the principles of GDPR?
There are 7 principles of GDPR
1. Lawfulness, fairness and transparency
2. Accuracy
3. Data Limitation
4. Process Limitation
5. Accountability
6. Storage Limitation
7. Security
What personal rights are there under GDPR?
There are 8 personal rights under GDPR. You have the right to:
1. Access
2. Objection
3. Rectification
4. Automated Decision Making
5. Informed
6. Data portability
7. Erasure
8. Restriction
What is “personal data” as defined by GDPR?
Personal data is any information which is related to an identified person e.g. the telephone number, email address
What happens if you breach GDPR? What is the penalty?
Data security breaches need to be reported to the Information Commissioner's Office (ICO) within 72 hours where there is a loss of personal data and a risk of harm to individuals
An increase in fines up to 4% global turnover of the company or EURO 20M (whichever is the greater)
Policed by the ICO
How does your firm comply with GDPR?
- Ensure staff training
- Firewall and use of secure VPN
- Proactive approach with password rotation and automatic data erasure
What are the elements of a Non-Disclosure Agreement (NDA)?
- Identification of the parties
- Definition of what is deemed to be confidential
- Scope of the confidentiality obligation
- The exclusions from confidential treatment
- The length of term of the agreement
What does copyright mean?
- A set of exclusive rights granted to the author or creator of any original work, including the right to copy
- These rights can be licensed, assigned or transferred
- Form of intellectual property
What does Crown Copyright cover?
All materials created and prepared by the Government, such as laws, public records, official press releases and OS mapping
What is a deed? How can it prove ownership of land?
A legal document made under seal. The Deeds will set out information about the ownership and details of a property.