DPA Flashcards
What does DPA stand for?
Data Protection Act. It attempts to control how the personal data is used by the businesses, organisations and the UK government.
True or False: The DPA applies only to personal data that is processed electronically.
False
Fill in the blank: The DPA is designed to protect individuals’ ________.
personal data
What is the primary purpose of the Data Protection Act?
To protect personal data and privacy of individuals.
To give individuals control over their data and supports the organisations process data lawfully.
Fairness, Lawfulness and Transparency
Must be valid reasons for collecting personal data
Must not be processed in a way that is damaging, unexpected or misleading.
Nothing must be done to data in breach of any other laws
The person or organisation collecting data must be open and honest from the start about how they will use their personal data.
What is meant by ‘data minimisation’ in the context of the DPA?
Data being processed must be adequate, relevant and limited to what is necessary.
What principle of DPA requires that personal data be accurate and kept up to date?
Accuracy
Fill in the blank: According to the DPA, personal data should be kept for no longer than ________ necessary.
is necessary
Multiple Choice: Which principle emphasizes that individuals should be informed about how their data is used?
A) Accountability
B) Transparency
C) Security
D) Purpose limitation
B) Transparency
What does the principle of ‘Purpose Limitation’ state?
Personal data must be collected for specified, legitimate purposes and not further processed in a way incompatible with those purposes.
True or False: Organizations must implement appropriate security measures to protect personal data under DPA.
True
What does ‘Accountability’ mean in the context of DPA principles?
Organizations must be able to demonstrate compliance with the DPA principles.
Multiple Choice: Which of the following is a right provided to individuals under the DPA?
A) Right to access
B) Right to unlimited data retention
C) Right to sell personal data
D) Right to ignore data requests
A) Right to access
What principle requires that personal data be processed in a manner that ensures appropriate security?
Security
Fill in the blank: Under the DPA, individuals have the right to request ________ of their personal data.
access
True or False: The DPA applies to both private and public sector organizations.
True
What must organizations do when collecting personal data to comply with the DPA?
Inform individuals about the purpose of data collection and their rights.
What is the consequence of non-compliance with the DPA?
Organizations may face fines and legal action.
What does the principle of ‘Integrity and Confidentiality’ refer to?
SECURTY: There must be adequate security measures in place to prevent unauthorised access to the data.
