***Sabrina 13.06.24 (Forwarded Questions) Flashcards
Business Planning
What do you expect to see in a business plan?
What is your company’s 5 year plan?
(Something more concrete that could be in figures e.g. double employees)
What is Corporate Social Responsibility?
(Strategies that encourage the company to make a positive impact on society and the environment)
What Corporate Social Responsibility does your company carry out?
What types of Statements should a company have on file?
(Slavery and Human Trafficking Statement, Equality and inclusion etc)
How does your firm comply with the Modern Slavery Act 2015?
(Group procurement policy defining minimum standards when procuring goods or services
Whistleblowing policy
Training and awareness
Corporate responsibility policy)
What is the definition of Whistleblowing?
(The action someone takes to report wrongdoing at work that affects others.)
Data Management
What is the Data Protection Act 2018?
(UK’s implementation of the General Data Protection Regulation 2016 (GDPR)
Complete data protection system – as well as governing personal data covered by GDPR, it covers all other general data as previously covered by the 1998 Act)
What is GDPR?
(General Data Protection Regulation
Relates to personal data
Aims to create a single data protection regime for anyone doing business in the EU and to empower individuals to take control of how their data is used by third parties
Gives people stronger rights to be informed about how their personal information is used)
When did GDPR come into force?
(25th May 2018)
What are the key requirements under GDPR?
(Obligation to conduct data protection impact assessments for high-risk holding of data
New rights for individuals to have access to information on what personal data is held and to have it erased
A data controller decides how and why personal data is processed and is directly responsible for GDPR
‘Data accountability’ ensuring that organisations can prove to the Information Commissioner's Office (ICO) how they comply with the new regulations)
What happens if you breach GDPR? What is the penalty?
(Data security breaches need to be reported to the Information Commissioner's Office (ICO) within 72 hours where there is a loss of personal data and a risk of harm to individuals
An increase in fines up to 4% of global turnover of the company or €20m (whichever is the greater))
What are the 8 individual Rights under GDPR?
(Policed by the ICO
1. Right of access
2. Right to be informed
3. Right to rectification
4. Right to erasure
5. Right to restrict processing
6. Right to data portability (to use for their own purposes)
7. Right to object
8. Rights to automated decision making and profiling (as undertaken by insurance companies))
Under GDPR, would you be able to transfer personal data you hold outside of the UK?
(GDPR restricts transfers of personal data outside the European Economic Area (EEA), unless the rights of the individuals' personal data are protected in another way)
What is the Freedom of Information Act 2000?
(Gives individuals the right of access to information held by public bodies)
What does the Freedom of Information Act 2000 require of public bodies?
(Public body must tell any individual requesting sight of information whether it holds it
Normally the public body is required to supply it in 20 working days in the format requested
It can charge for the provision of the information)