Data Management (Level 1) Flashcards

1
Q

What does the Data Protection Act (2018) set out?

A

Data Protection Act (2018)

Controls how personal information can be used and your rights to ask for information about yourself

Sets out the need to use information;
- Fairly
- Lawfully
- Transparently

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the principles of the General Data Protection Regulation (2016)?

A

EU law on data protection based on the following 7 priniciples:

  1. Lawfulness, fairness, transparency
  2. Purpose limitation
  3. Data minimisation
  4. Accuracy
  5. Storage limitation
  6. Integrity and confidentiality
  7. Accountability
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What does the Freedom of Information Act (2000) set out?

A

Provides public access to information held by public authorities

It does this in two ways:
- Public authorities are obliged to publish certain information about their activities
- Members of the public are entitled to request information from public authorities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

How do you comply with GDPR and the Data Protection Act 2018 in your role?

A

To ensure compliance with GDPR and the Data Protection Act I take the following steps in my day to day work:

  • Ensure access to data is only granted to people who require it
  • I ensure that all files and folders are labelled correctly
  • Data is only stored for as long as necessary – either for the length of time needed for a project or to comply with statutory regulations e.g money laundering
  • Secure confidential and sensitive information with password encryption
  • Only share data using secure systems
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Give me an example of how you ensure that data is kept securely

A
  • Ensure access to data is only granted to people who require it
  • Secure confidential and sensitive information with password encryption
  • Only share data using secure systems
  • Separate out data in a logical and secure fashion
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What do the Privacy and Electronic Communications Regulations 2003 apply to?

A

The Privacy and Electronic Communications Regulations (2003)

  • The Privacy and Electronic Communications Regulations (2003) (PECR) sit alongside the Data Protection Act and the UK GDPR.
  • They give people specific privacy rights in relation to electronic communications. customer privacy as regards traffic and location data, itemised billing, line identification, and directory listings
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is copyright?

A

Copyright - Copyright is a type of intellectual property that protects original works and stops other people using it without your permission

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Can copyright be transferred?

A

A copyright owner can sell or transfer their rights to someone else. This is known as a copyright assignment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Can you tell me about the retention of files and the Limitation Act 1980?

A

Limitation Act (1980)

  • Purpose is to set the time limits on various types of legal action, from this businesses can determine how long they need to keep documents
    states that legal action must be brought within six years of the issue arising.
  • Businesses, then, have a responsibility to keep these documents for at least six years after they expire so they can refer to them if there’s a disagreement
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the Land Registry used for?

A

Land Registry – used to access a title register which includes:

  • Title number
  • Ownership
  • How much the property was last sold for
  • Whether the property has a mortgage
  • Details of ‘restrictive covenants’ - promises to not do certain things with the land, like not building on a particular area
  • Details of any ‘easements’ - the rights of one piece of land over another, like a right of way
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

How do you validate information?

A

Source – is the source credible and reliable

Time – how recent is the information gathered is it as up to date as possible

Relevance – is the information gather directly related to your need or purpose

Sense check – try to verify the information by cross referencing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is the difference between a deed and a registered title?

A

Title refers to the ownership of a property

Deeds is the legal document that transfers title from one person to another

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

How do you source title information?

A

Land Registry – used to access a title register which includes:

  • Title number
  • Ownership
  • How much the property was last sold for
  • Whether the property has a mortgage
  • Details of ‘restrictive covenants’ - promises to not do certain things with the land, like not building on a particular area
  • Details of any ‘easements’ - the rights of one piece of land over another, like a right of way
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is an index map?

A

The index map contains information on all land and property that’s registered or being registered with HM Land Registry. Use it to find the title number of a property that does not appear in a search of the register

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What does encryption mean?

A

Encryption the process of converting information or data into a code, especially to prevent unauthorized access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is a firewall?

A

Firewall is software that blocks unexpected connections coming into or out of a network

17
Q

How can you protect electronic data from viruses?

A

-Firewall and anti-virus software
- Provide password protection
- Back up your data
- Educate your users on the dangers of viruses

18
Q

Which records are manually kept in your office and why?

A

Signed contracts – signed in wet ink, original copies may be required for proof of signature

19
Q

What does ISO 27001 relate to?

A

ISO/IEC 27001 is the world’s best-known standard for information security management systems.

20
Q

What is an Electronic Document Management System (EDMS)?

A

EDMS - An electronic document management system (EDMS) is a software system for organizing and storing different kinds of documents

21
Q

Are electronic signatures accepted by the Land Registry?

A

From July 2020 – the Land Registry will accept witnessed electronic signatures with immediate effect

22
Q

What is data redundancy?

A

Data redundancy occurs when the same piece of data exists in multiple places

23
Q

For which documents can an electronic signature not be used?

A

They cannot be used for executing wills or codicils, contracts relating to the alienation of immovable property, bills of exchange such as cheques, and long-term agreements for immovable property, which are in excess of ten years

24
Q

Under the Data Protection Act how quickly do you need to report a data breach and who to?

A

Within 72 hours of a personal data breach that causes harm to individuals to the Information Commissioner’s Office

25
Q

What are the penalties for breaching the Data Protection Act (2018)?

A

Companies will be fined the greater of 4% of annual turnover of £17.5 million

26
Q

What are the data protection principles Under General Data Protection Regulation?

A

Everyone responsible for using personal data has to follow strict rules called ‘data protection principles’. They must make sure the information is:

  • used fairly, lawfully and transparently
  • used for specified, explicit purposes
  • used in a way that is adequate, relevant and limited to only what is necessary
  • accurate and, where necessary, kept up to date
  • kept for no longer than is necessary
  • handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage
27
Q

What are the penalties for breach of GDPR?

A

Fined up to 4% of annual global turnover or 20 million euros

28
Q

When considering if there is a personal data breach what are the factors you must consider?

A

You must consider whether there is likely to be:
- physical or material damage
- emotional distress
- embarassment

29
Q

What is special category personal data?

A

sensitive data which needs greater protection as it may cause particular harm or distress if improperly used or disclosed

30
Q

What is a controller?

A

A controller is defined as any entity (company or public authority) that determines the purposes and means of the processing of personal data

31
Q

What is a processor?

A

A processor is defined as any entity that processes personal data on behalf of the controller.