14 Data Governance

Question 1

What is data governance?

Answer 1

Policies meant to protect people and the integrity of the data

Data governance includes international standards, national laws, local laws, industry regulations, company contracts, or personal rules.

Question 2

What is data integrity?

Answer 2

How valid, or accurate, the data is

Maintaining data integrity involves ensuring that data is not manipulated incorrectly.

Question 3

What can happen if data governance rules are ignored?

Answer 3

It can hurt the people whose data you are using and have legal repercussions for you personally.

Question 4

What are the two main methods of granting access to data?

Answer 4

• Role-based
• User group-based

Question 5

What does role-based access focus on?

Answer 5

The role a person plays in a company.

Question 6

What is user group-based access?

Answer 6

Access focused on the specific group to whom the data pertains.

Question 7

What are Data Use Agreements?

Answer 7

Contracts that state how data can be used, processed, deleted, and maintained.

Question 8

What is data encryption?

Answer 8

Using algorithms to translate data from plaintext to cyphertext.

Question 9

True or False: Data in transit is vulnerable.

Answer 9

True

Question 10

What is de-identification/masking of data?

Answer 10

Removing personal or sensitive information from data to legally report it.

Question 11

What does the acceptable use policy outline?

Answer 11

How data can be used, how it can’t be used, and what happens if the policy is broken.

Question 12

What should you do if you suspect a data breach?

Answer 12

• Report the breach
• Secure operations
• Fix vulnerabilities
• Notify the impacted parties

Question 13

What are some reasons for data deletion?

Answer 13

• Consent is withdrawn
• Illegal means were used to collect or process the data
• Legal obligations
• Data is no longer needed
• The data retention period ended

Question 14

What does data retention cover?

Answer 14

How long data will be kept and how it will be stored.

Question 15

What is personally identifiable information (PII)?

Answer 15

Data that can be used to identify a specific person.

Question 16

List some examples of PII.

Answer 16

• Name
• Physical address
• Email address
• IP address
• Social Security number
• Phone number
• License number
• Passport number
• Login ID
• Social media ID
• Social media posts
• Date of birth
• Digital images
• Geolocation
• Biometric data
• Behavioral data

Question 17

What is the role of a data analyst regarding data security?

Answer 17

To understand and follow data security protocols.

Question 18

What is the gold standard in data processing regulations?

Answer 18

The European Union General Data Protection Regulation (GDPR).

Question 19

Fill in the blank: Data security is important for maintaining _______.

Answer 19

data integrity.

Question 20

What is the consequence of deviating from the Data Use Agreement?

Answer 20

It is illegal and will have consequences for the company and the individual.

Question 21

What should you do before sharing data with someone not listed in the Data Use Agreement?

Answer 21

Obtain express approval with a release approval.

Question 22

True or False: Data security requirements are solely determined by government regulations.

Answer 22

False

Question 23

What is the significance of understanding data classifications?

Answer 23

Certain types of data are legally protected and have specific rules about how to treat them.

Question 24

What does PII stand for?

Answer 24

Personally Identifiable Information

PII includes any data that can identify a specific person.

Question 25

What is an example of PII?

Answer 25

Examples include: * Social Security number * Phone number * Date of birth * Geolocation

Question 26

What is the main purpose of the Data Use Agreement?

Answer 26

To outline acceptable use, data processing, data deletion, and data retention.

Question 27

What is PHI?

Answer 27

Personal Health Information ## Footnote PHI includes identifiable information related to a person's health.

Question 28

Which act is most referenced for protecting health information?

Answer 28

Health Insurance Portability and Accountability Act (HIPAA)

Question 29

What does PCI stand for?

Answer 29

Payment Card Industry ## Footnote PCI focuses on financial information related to credit and debit cards.

Question 30

What is an entity in the context of data governance?

Answer 30

A table, model, or data object.

Question 31

What are entity relationships?

Answer 31

How data objects connect to each other.

Question 32

What are the main types of entity relationship requirements?

Answer 32

The main types are: * Record link restrictions * Data constraints * Cardinality

Question 33

What do record link restrictions refer to?

Answer 33

Restrictions on linking different pieces of data of the same record.

Question 34

What are data constraints?

Answer 34

Rules designed to protect data integrity.

Question 35

What is cardinality in data relationships?

Answer 35

The row-to-row relationship between two table entities.

Question 36

What is a one-to-one relationship in cardinality?

Answer 36

Each row in the first table corresponds to one row in the second table.

Question 37

What is a one-to-many relationship in cardinality?

Answer 37

Each row in the first table corresponds to multiple rows in the second table.

Question 38

What is a many-to-many relationship in cardinality?

Answer 38

Each row in one table can correspond to multiple rows in another table and vice versa.

Question 39

What is the focus of PCI compliance?

Answer 39

Protecting personally identifiable financial information (PIFI).

Question 40

Fill in the blank: PHI is similar to PII but gets its own classification because there are laws around it specifically, covering any and all _______.

Answer 40

medical records

Question 41

True or False: All credit card information is considered PCI and is protected.

Answer 41

True

Question 42

What should you do if you suspect a data breach has occurred?

Answer 42

Inform the impacted parties.

Question 43

Which part of the Data Use Agreement includes explicit details about how the data is not supposed to be used?

Answer 43

Acceptable use policy

Question 44

Which variables would be considered PII?

Answer 44

All of the following: * Geolocation * Social media post * Social Security number

Question 45

A filter that only allows a specific kind of data to be entered into a dataset can be considered which kind of entity relationship restriction?

Answer 45

Data constraint