principles of data protection_QUESTIONS Flashcards
What are the key principles of data protection outlined in the Act?
The principles include lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality.
What does “lawfulness” mean in the context of data processing?
Data must be processed lawfully, fairly, and in a transparent manner.
What is meant by “fairness” in data processing?
Data processing should not adversely affect the rights of the data subject.
Define “transparency” in relation to data protection principles.
Data subjects must be informed about how their personal data is being used.
What is “purpose limitation”?
Personal data should only be collected for specified, legitimate purposes and not further processed in a manner incompatible with those purposes.
Explain “data minimization.”
Only the personal data that is necessary for the intended purpose should be collected and processed.
What does “accuracy” refer to in data protection?
Personal data must be accurate and kept up to date; inaccurate data should be rectified or deleted.
What is meant by “storage limitation”?
Personal data should not be kept in a form that allows identification of data subjects for longer than necessary.
Define “integrity and confidentiality” in the context of data protection.
Personal data must be processed securely to prevent unauthorized access, loss, or damage.
What is the significance of the principle of accountability?
Data controllers are responsible for complying with data protection principles and must demonstrate compliance.
How does the principle of “data subject rights” relate to data protection?
Data subjects have rights to access, rectify, erase, and restrict processing of their personal data.
What is the role of consent in data processing under the principles?
Consent must be obtained from data subjects before processing their personal data, and it must be informed and specific.
What does “data protection by design” entail?
Data protection measures should be integrated into the development of business processes and systems.
How does the principle of “data protection by default” work?
Only personal data necessary for a specific purpose should be processed by default.
What is the importance of regular audits in relation to data protection principles?
Audits help ensure compliance with data protection principles and identify areas for improvement.
What does the principle of “cross-border data transfer” involve?
Personal data can only be transferred outside the jurisdiction if adequate protection is ensured.
How does the Act address the principle of “data security”?
It requires data controllers to implement appropriate technical and organizational measures to protect personal data.
What is the impact of non-compliance with data protection principles?
Non-compliance can lead to
1. Legal penalties,
2. Loss of reputation, and
3. Loss of trust from data subjects.
What is the significance of the principle of “data subject access”?
It allows individuals to request access to their personal data held by data controllers.
How does the principle of “erasure” empower data subjects?
It gives individuals the right to request the deletion of their personal data under certain conditions.