Data Management (L1M) Flashcards
What is GDPR?
- Covers UK General Data Protection Regulation (UK GDPR), tailored by the Data Protection Act 2018.
- GDPR came in in 2018 Data Protection Act (Data Protection Act is UK’s implementation of GDPR).
- For DPOs and others who have day-to-day responsibility for data protection.
- BNP - Shaun Spaulding
What are the 8 Individual Rights under GDPR?
- Right to be informed
- Right to access
- Right to rectification
- Right to erasure
- Right to restrict processing
- Right to data portability
- Right to object
- Right to not be subject to automated decision-making/profiling
What are the key GDPR requirements for companies?
- Data Protection Impact assessment for high risk data
- Data Protection Officer
- Data accountability
- Breaches (of personal data and risk of harm) - report within 72 hours
What are the principles of GDPR?
- Lawful
- Legitimate
- Limited
- Accurate
- Confidential
- Secure
What are the GDPR penalties?
- Written warning
- Maximum fine of 20 million euros or 4% of annual global turnover – whichever is greater – for infringements
- Reputational risk
What is the Freedom of Information Act 2000?
- Gives individuals the right to access information held by public bodies:
Requests:
1. Public body says whether they hold the information
2. Public body supplies information within 20 working days
3. Data must be in format requested
4. You can be charged
What methods are there for securing data?
Digital:
- Disk encryption
- Off-site backups
- Password protection (change every 60 days)
- Anti-virus software
- Firewalls
- 2 point authentication system (phones and emails)
- Don’t use USB or personal email with anyone
Physical:
- Locked in filing cabinet
- Clear desk policy
What is copyright?
- Exclusive rights granted to creator of any work
- A form of intellectual property
- Can be licensed, assigned or transferred
*Crown Copyright - material prepared by Government
When and where do data security breaches need to be reported to?
• Data security breaches need to be reported to Information Commissioner’s Office within 72 hours
Freedom of Information Act during your job?
- Gives individuals the right of access to information held by public bodies
- If you were doing work for a public body
What is an NDA?
- Legal agreement between 2 parties not to share confidential material
- Sued for damages that was inflicted after sharing the information
What are the 8 principles of Data Protection (Data Protection Act 2018)?
PLACARDS:
- Processed fairly & lawfully
- Not kept longer than necessary
- Adequate and not excessive
- Not transferred to Countries without same data security
- Accurate & up to date
- Relevant
- Data subjects rights
- Securely kept
Who is the Data Protection Act 2018/GDPR policed by?
The Information Commissioners Office
What is an Automated Valuation model?
- Software systems that can provide valuations using mathematical modelling
- Mostly used for resi
- Argus - weaknesses - loss of control, full detail cannot be seen.
What information is contained in title registers (Land Reg)?
- Ownership information
- Tenure
- Price paid (if after 2000)
- Title Plan
- Restrictive covenant - something that restricts the use of the land