QS0015-02: Data Management Policy Flashcards
QS0015-01: Data Management Policy
What are the Data Owner responsibilities?
Understanding use and risk associated with the information
Classification
Ensuring measures are in place to properly secure.
QS0015-01: Data Management Policy
What agreement must be signed by a third-party vendor when transferring electronic storage media for sanitation?
A third-party vendor non-disclosure agreement.
QS0015-01: Data Management Policy
What are data access restrictions?
Access to data must be restricted to users or information systems with a legitimate business need and authorized by the data owner or an authorized delegate of the owner.
QS0015-01: Data Management Policy
May Personally Identifiable Information (PII) data leave the AWS network?
PII data should never leave the hosted, protected network, even to approved, connected devices. For example, developers must not copy a LIMS database, or application files for such a site onto a local device. It must remain on servers provided for this purpose within the network.
QS0015-01: Data Management Policy
Who is responsible for assuring backup procedures, retention, and data protection?
Application owners
QS0015-01: Data Management Policy
How would you describe the data disposal process written within the policy?
- Data disposal is permissible by or at the direction of the data owner.
- Data owners must follow data retention and disposal procedures.
