Data Management Flashcards
What are the 7 principles of GDPR?
7 principles:
Lawfulness, fairness, and transparency
Storage limitations
Purpose limitation
Data minimisation
Accuracy
Integrity and confidentiality
Accountability
What data do you use in your work and how do you manage this?
Tenants contact information, email addresses etc, stored in our property management software, information removed once the tenant is no longer a tenant at the property, communication to all tenants via emIl is always sent by bcc, kept up to date, 6 month questionnaires to the Tenant to confirm all details are correct.
How do you ensure that you comply with data protection legislation?
When sending emails to multiple tenants I send by way of bcc to ensure the tenants data is protected. I only keep information I really need. I regularly check that information we hold is up to date and we are not keeping information that for any longer than necessary. I ensure that I do not pass on personal information onto others.
What rights do individuals have in relation to their data Under the Data Protection Act 2018?
The right to:
- Be informed about how your data is being used;
- Access personal data;
- Have incorrect data updated;
- Have data erased;
- Stop or restrict the processing of your data;
- Data portability (allowing you to get and reuse your data for different services);
- Object to how your data is processed in certain circumstances.
You also have rights when an organisation is using your personal data for:
automated decision-making processes (without human involvement)
profiling, for example to predict your behaviour or interests
What is the Freedom of Information Act?
The Freedom of Information Act 2000 deals with access to official information. The Act provides individuals or organisations with the right to request information held by a public authority. Information must also be published through the public authority’s publication scheme. This must be approved by the ICO, and is a commitment by a public authority to make certain information available, and a guide on how to obtain it.
What are the implications of unlawfully handling data?
- A reprimand
- A temporary or definitive ban on processing
- A fine of up to £17.5 million or 4% of the business’s total annual worldwide turnover
How do you store data in accordance with GDPR?
- Files are achieved after finishing work on them and only stored in a achieving for a period of 12 years before being destroyed.
- where files are electronic these are password protected. Physical files are stored in a locked filing cabinet or achieve storage unit.
What is personal data?
Any information relating to the Data Subject that can be used directly or indirectly to identify the person.
E.g. name, photo, email address, bank details, social media posts, medical information
Explain how you analyse comparable data.
Explain how you ensure the electronic filing system complies with the Data Protection Act 2018?
What is the Data Protection Act?
The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR)
What are the data protection principles under the Data Protection Act?
‘data protection principles’. They must make sure the information is:
- used fairly, lawfully and transparently
- used for specified, explicit purposes
- used in a way that is adequate, relevant and limited to only what is necessary
- accurate and, where necessary, kept up to date
- kept for no longer than is necessary
- handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage
