Data Protection and compliance

Question 1

What is the 2018 Data protection act?

Answer 1

UK legislation controls how your personal information is used by organisations, businesses or the government. That ensures the information is:

Used fairly, lawfully and transparently
Used for specified, explicit purposes

Question 2

What is personal data?

Answer 2

Information related to an identified or identifiable living human being e.g Bank details and IP address.

Question 3

What is Sensitive Personal Data?

Answer 3

Distinct personal information that is more sensitive than personal data e.g Racial or ethic origin and Trade union membership.

Question 4

How should data be used?

Answer 4

1. Obtain and process information fairly
2. keep it only for one or more specified, explicit purposes
3. Use and disclose it only in ways compatible with these purposes
4. Keep it safe and secure
5. keep it accurate, complete and up-to-date
6. Ensure that it is adequate, relevant and not excessive
7. Retain for no longer than is necessary
8. Give a copy of their personal to an individual, on request.

Question 5

What is the penalties for non compliance in the UK and EU?

Answer 5

UK GDPR and DPA 2018 set a maximum fine of £17.5 million or 4% of annual global turnover whichever is greater.

The EU set a maximum of €20 million or 4% of annual global turnover whichever is greater.

Question 6

Who is the governing body for the uphold of information rights?

Answer 6

Information commissioners office