Subs: Data Management Flashcards

1
Q

What is the Data Protection Act 2018?

A
  • UK’s implementation of the General Data Protection Regulation 2016 (GDPR)
  • It aims to create a single data protection regime affecting businesses, and empower individuals to take control of how their data is used by third parties.
  • It gives people the right to be informed about how their personal information is used.
2
Q

What is GDPR?

A
  • General Data Protection Regulation
  • Relates to personal data
  • Aims to create a single data protection regime for anyone doing business in the EU and to empower individuals to take control of how their data is used by third parties
  • Gives people stronger rights to be informed about how their personal information is used
3
Q

When did GDPR come into force?

A

25th May 2018

4
Q

What are the key requirements under GDPR?

A
  • Obligation to conduct data protection impact assessments for high-risk holding of data
  • New rights for individuals to have access to information on what personal data is held and to have it erased
  • A data controller decides how and why personal data is processed and is directly responsible for GDPR
  • ‘Data accountability’ ensuring that organisations can prove to the Information Commissioner’s Office (ICO) how they comply with the new regulations
5
Q

When do data security breaches need to be reported?

A

Data security breaches need to be reported to the Information Commissioner’s Office (ICO) within 72 hours where there is a loss of personal data and a risk of harm to individuals.

6
Q

Who has received the largest fine under GDPR?

A

British Airways received a £183m fine in 2019 after hackers stole the personal data (including login, payment card, name, address and travel booking information) from 500,000 customers

7
Q

What does Article 5(1) of GDPR state in relation to the processing of data?

A

Data must be processed lawfully, fairly and in a transparent manner in relation to individuals.

Data must be processed in a manner that ensures appropriate security.

8
Q

What does Article 5(1) of GDPR state in relation to the collection of data?

A

Data must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes

9
Q

What does Article 5(1) of GDPR state in relation to the relevance of data?

A

Data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed

10
Q

What does Article 5(1) of GDPR state in relation to the accuracy of data?

A

Data must be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purpose for which they are processed, are erased or rectified without delay.

11
Q

What does Article 5(1) of GDPR state in relation to the form which data is kept in?

A

Data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.

12
Q

How does your firm ensure that you comply with data protection legislation?

A
  • Only keep information we really need
  • Make sure clients know we have got it and why
  • Not passing on personal information
  • Holding information securely (password locked)
  • Limiting access to information
  • Keeping information up to date
  • Deleting any information you have no more need for
  • Not holding onto information for longer than required
13
Q

What are the benefits of cloud based storage systems?

A
  • Backed up securely on encrypted servers
  • Accessible / can be managed online
  • Often cheaper than the cost of physically storing & managing files, e.g. online instead of mailing
  • Environmentally friendly
  • Multiple users can access the same doc at any one time.
14
Q

What is the purpose / meaning of Non-Disclosure Agreements (NDAs)?

A
  • Protects against the sharing of confidential information.
  • Prior to sharing data, NDA would need to be signed.
  • To protect confidential, sensitive, innovative or intellectual property information from being shared with competitors.
15
Q

Who are the key persons outlined with GDPR?

A

1) Controller

  • Natural person or legal entity that determines the purpose & means of processing data.

2) Processor

  • Natural person or legal entity that processes data for the controller (e.g. a call centre operative)

3) Data Protection Officer

  • Leadership role required by EU GDPR. Responsible for overseeing the approach, strategy & its implementation.
16
Q

What are the 8 individual rights under GDPR?

A

1) Right to be informed
2) Right of Access
3) Right of Rectification
4) Right to Erase
5) Right to Restrict Processing
6) Right to Data Portability
7) Right to Object
8) Right of Automated Decision Making & Profiling

17
Q

What things might companies put in place to ensure GDPR compliance?

A
  • Raise awareness across business
  • Audit all personal data
  • Update your privacy notice
  • Review procedures supporting individual rights
  • Identify and document your legal basis for processing data
  • Regular review of how you seek, obtain and record consent
18
Q

How is Data Managed & Protected in your firm?

A

Whilst on secondment it was my responsibility to update and maintain the WIP schedule for client instructions…

  • Secure document storage (password protected on encrypted database)
  • Back up all documents
  • Secure processes for sharing docs
  • Common data standards
  • Secure processes for sharing with external teams.
19
Q

What does it mean to be GDPR compliant?

A

GDPR is a regulation that requires businesses to protect the personal data & privacy of EU citizens for transactions that occur within EU member states. Non-compliance could cost companies dearly.

20
Q

What are the main principles of GDPR?

A
  • Lawfulness, fairness & transparency
  • Data minimisation
  • Accuracy
  • Storage limitations
  • Security
  • Accountability
21
Q

What are the eight principles of the Data Protection Act 1998?

A
  1. Fairly and lawfully processed for a relevant purpose.
  2. Processed only for relevant purposes.
  3. Adequate, relevant and not excessive in relation to the purpose for which it is held.
  4. Accurate and up to date.
  5. Not kept longer than necessary.
  6. Processed in line with the data subject’s rights.
  7. Kept securely.
  8. Not transferred to countries that do not have similar legal protection.
22
Q

What is the punishment for data protection breaches?

A

For serious breaches of the data protection principles, the ICO has the power to issue fines of up to €20 million (equating to £17.5 million) or 4% of your annual worldwide turnover, whichever is higher.