Data Management (Level 1) Flashcards
What is triangulation?
Process used to verify data through an alternative source
- Important when considering reliability of a source and risks
How have you ensured data is secured safely?
Regular back ups undertaken off site
Disk encryption
Firewalls and disaster recovery procedures
Using anti-virus protection
Password protection
What is copyright?
Exclusive rights to work provided to the author or creator
- Rights can be assigned and transferred
- Essential to acknowledge any copyright in your own work
What is crown copyright?
Refers to material created and prepared by the government, such as laws, public records and OS mapping
What is Data Management?
The practice of collecting, storing and using data securely, efficiently and cost effectively
What is hard and soft data?
Hard - quantifiable
Soft - less measurable - e.g. opinions
What is an information barrier?
Physical or electronic barrier which prevents the transmission of information between individuals or firms
What is the Data Protection Act (2018)
UK implementation of GDPR
What is the purpose of GDPR?
Harmonise data protection across the EU
Alter how personal data is managed and handled to ensure stricter regulation
How have consent conditions been strengthened under GDPR?
Consent must be given with the purpose of data processing attached to that consent
- It must be as easy to give consent as it is to reverse it
What is the role of the Data Protection Act 2018?
Controls how personal information is used by organisations, businesses and the government
- Also govern data protected by GDPR
Is there any RICS guidance on Data Management?
(Archived) RICS Guidance Note - Electronic Data Management
Why did the Data Protection Act come into force?
1999 - Respond to the rise of Data
2018 - incorporate new GDPR regulation s
What are the key principles of GDPR / DPA?
Data must be
- Lawful, fair and transparent
- Collected for specified, legitimate and explicit purposes
- Adequate, relevant and limited to necessity
- Accurate and kept up to date
- Kept no longer than required
- Kept safe
What are the 8 individual rights under GDPR?
1) To be informed
2) To have access
3) To rectification
4) To erasure
5) To restrict processing
6) To data portability
7) To object
8) To automated decision making and profiling
Who does GDPR affect?
All companies who hold date EU data
Who polices and regulates GDPR in the UK?
Information Commission Office (ICO)
What are the penalties under GDPR and DPA?
Greater of 4% annual turnover or 20m euros
What should you do in the event of a GDPR breach?
Report to the ICO in 72 hours
What is the right to be forgotten?
Article 17
Individuals have the right to have personal files erased if:
- Data no longer required
- Data has been processed unlawfully
What is data portability?
Right for a data subject to receive personal info concerning them which they have provided and transmit data to another controller
What is privity by design?
Legal GDPR requirement
- Requires data protection from onset of designing a system, rather than in addition
What is a data controller?
Decides how and why personal data is processed and is directly responsible for GDPR
What is a data processor?
Someone who processes data on behalf of and in accordance with a data controller instruction
What is a data subject?
Individual whose data is about
What is a data protection officer?
Person responsible for compliance with data protection regulations - monitor and ensure internal compliance