Data Management Level 1

Question 1

What are the seven principles of GDPR?

Answer 1

• Fair, lawful and transparent processing
• Purpose limitation
• Data minimisation
• Accuracy
• Data retention periods
• Data security
• Accountability

Question 2

What does GDPR concern? Who is responsible for GDPR?

Answer 2

Protects individuals from being identified in data.

Concerns information that allows a living person to be directly, indirectly identified from data that’s available.

Largely, GDPR places the most emphasis on data controllers and processors.

Question 3

When did UK GDPR become effective?

Answer 3

1 January 2021

Question 4

What is the freedom of information Act 2000?

Answer 4

Can request information from public bodies: government departments, local council, schools, public health services, police etc.

Question 5

Does the public body have to provide information under FOI 2000?

Answer 5

Must be provided unless there is a good reason not to.

e.g. under investigation or is sensitive in nature.

Question 6

How can the public gain access under FOI?

Answer 6

Requests are made under Subject Access Requests (SARs)

Must be responded to within 20 days of receipt

Question 7

What is the Commissioner for Revenue and Customs Act 2005?

Answer 7

Section 10 of the Act gives the right to the VOA to conduct valuations

Section 18 of the Act allows HMRC to share information with the VOA to perform our statutory function.

Question 8

How do you direct requests for information?

Answer 8

If a request for information comes directly to me, I first see if it can be dealt with within the team under legislation.

If not, I forward the request on to the subject access request team and inform my line manager.

Question 9

What techniques do you use to save data?

Answer 9

• Electronic Data management system
• Check Challenge Appeal portal has public and internal document sections
• Save files on cloud based systems ensuring back up
• Save files in restricted/password protected folders.