Privacy data roles and responsibility Flashcards
What are the roles and resposiblites we need to know?
Data subject - an individual who is the subject of person data
What is a data owner?
masters of all; responsible for classification of data and hold legal rights and complete control over the data they create, or is created by others on their behalf
What are the data owner roles?
- Determine data’s impact of the mission of the organization; understand the replacement cost of the information ( if it can be replaced)
- Determine who has a need for the data and under what circumstances the data should be released
- Identify when data is inaccurate or no longer needed and should be destroyed
What is a data controller?
Determines the purpose for which and the manner in which data is to be processed
What is the data processor?
Manages all of the data; they process the data on behalf of the data controller
Data processor roles?
- Adherence to appropriate and relevent data policy and data ownership guidlines
- ensuring accessibility to appropriate users, maintaining appropriate levels of dataset security
- dataset maintenance and documentation
- assurance of quality and valiadation of any additions to a dataset, including periodic audits to assure ongoing data integrity
What is a data custodians?
Responsible for the safe custody, transport, stroge of the data and implentation of business rules
Data custodian roles?
- Access to the data is authorized and controlled
- Data stewards are identified for each data set
- Technical processes sustain data integrity
- processes exist or data quality issue resolution in partnership with data stewards
What are data stewrds?
They are responsible for utilizing and organization’s data governance process to ensure fitness of data elements - both the content and metadata.
They focus on processes, policies and guidelines and reponsiblity for administering organizations, entire data in compliance with policy and or regulatory
Data stewards roles?
- Technical controls to safeguard data
- Change management practices are applied in maintenance of the database/datasets
- Data content and changes can be audited
What data Protection officer?
mandatory role for all companies that collect process EU citizens personal data, under Article 37 of GDPR
Data protection officer roles?
- Responsible for educating the company and it employees about compliance, training staff involved in data processing, and conducting regular security audits
- Also serve as the point of contact between the company and any supervisory authorities that oversee activities related to data.
