Data Management (L1M) Flashcards

1
Q

What is GDPR?

A
  • Covers UK General Data Protection Regulation (UK GDPR), tailored by the Data Protection Act 2018.
  • GDPR came in in 2018 Data Protection Act (Data Protection Act is UK’s implementation of GDPR).
  • For DPOs and others who have day-to-day responsibility for data protection.
  • BNP - Shaun Spaulding
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the 8 Individual Rights under GDPR?

A
  1. Right to be informed
  2. Right to access
  3. Right to rectification
  4. Right to erasure
  5. Right to restrict processing
  6. Right to data portability
  7. Right to object
  8. Right to not be subject to automated decision-making/profiling
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the key GDPR requirements for companies?

A
  • Data Protection Impact assessment for high risk data
  • Data Protection Officer
  • Data accountability
  • Breaches (of personal data and risk of harm) - report within 72 hours
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the principles of GDPR?

A
  • Lawful
  • Legitimate
  • Limited
  • Accurate
  • Confidential
  • Secure
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are the GDPR penalties?

A
  • Written warning
  • Maximum fine of 20 million euros or 4% of annual global turnover – whichever is greater – for infringements
  • Reputational risk
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the Freedom of Information Act 2000?

A
  • Gives individuals the right to access information held by public bodies:
    Requests:
    1. Public body says whether they hold the information
    2. Public body supplies information within 20 working days
    3. Data must be in format requested
    4. You can be charged
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What methods are there for securing data?

A

Digital:

  • Disk encryption
  • Off-site backups
  • Password protection (change every 60 days)
  • Anti-virus software
  • Firewalls
  • 2 point authentication system (phones and emails)
  • Don’t use USB or personal email with anyone

Physical:

  • Locked in filing cabinet
  • Clear desk policy
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is copyright?

A
  • Exclusive rights granted to creator of any work
  • A form of intellectual property
  • Can be licensed, assigned or transferred

*Crown Copyright - material prepared by Government

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

When and where do data security breaches need to be reported to?

A

• Data security breaches need to be reported to Information Commissioner’s Office within 72 hours

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Freedom of Information Act during your job?

A
  • Gives individuals the right of access to information held by public bodies
  • If you were doing work for a public body
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is an NDA?

A
  • Legal agreement between 2 parties not to share confidential material
  • Sued for damages that was inflicted after sharing the information
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are the 8 principles of Data Protection (Data Protection Act 2018)?

A

PLACARDS:

  1. Processed fairly & lawfully
  2. Not kept longer than necessary
  3. Adequate and not excessive
  4. Not transferred to Countries without same data security
  5. Accurate & up to date
  6. Relevant
  7. Data subjects rights
  8. Securely kept
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Who is the Data Protection Act 2018/GDPR policed by?

A

The Information Commissioners Office

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is an Automated Valuation model?

A
  • Software systems that can provide valuations using mathematical modelling
  • Mostly used for resi
  • Argus - weaknesses - loss of control, full detail cannot be seen.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What information is contained in title registers (Land Reg)?

A
  • Ownership information
  • Tenure
  • Price paid (if after 2000)
  • Title Plan
  • Restrictive covenant - something that restricts the use of the land
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is a deed?

A
  • A legal document made under seal
  • For land not registered with Land Registry, proof of ownership is by production of Deeds, which sets out info about the ownership and details of the property.
17
Q

When do data security breaches need to be reported?

A

Data breaches need to be reported to Information Commissioners Officers (ICO) within 72 hours where there is a loss of personal data and a risk to harm to individuals.

18
Q

What are the principles of GDPR?

A

a

19
Q

Can you tell me what the principles of the GDPR are?

A

a

20
Q

How do you establish how long information is needed for?

A

a

21
Q

If you send an email containing sensitive financial information and realise you sent it to the wrong person, what course of action would you take?

A

a

22
Q

How do you ensure that your CRM system is gdpr compliant?

A

g