Data managenments Flashcards
what is GDPR
General data protection regulations of EU law (came in 25th May 2018)
What is DPA
Data protection act 2018
What are the differences between GDRP and DPA
They are similar however DPA is more tailor to the UK
What are the 7 principles of GDPR
Lawfulness, fairness and transparency
· Purpose limitation
· Data minimisation
· Accuracy
· Storage limitation
· Integrity and confidentiality (security)
· Accountability
what are the differences between GDPR and DPA
Child consent
The GDPR states that a child can consent to data processing at age 16, whilst the DPA sets this at 13.
Penalties
GDPA
€20 million, or four per cent of annual turnover
DPA
£500,000, or one per cent of annual turnover
what effects has the new legislation had on your company
- Data will be held in as few places as necessary. Staff should not create any unnecessary additional data sets.
- Staff should take every opportunity to ensure data is updated. For instance, by confirming a customer’s details when they call and updating Greentree.
- Data should be updated as inaccuracies are discovered. For instance, if a customer can no longer be reached on their stored telephone number, it should be removed from Greentree.
- Data printouts should be shredded and disposed of securely when no longer required.
- When not required, the paper or files containing personal data should be kept in a locked drawer or filing cabinet.
- Employees should make sure paper and printouts are not left where unauthorised people could see them, like on a printer or on a desk with public access.
Raise awareness across the business
how is data managed and protected in your firm?
secure document storage
back up of documents
sharing/ confidentiality of documentation
data sharing with internal and external teams
paper forms