2.2 info classifications Flashcards
Some data can be partially anonymised.
Explain what is meant by the term partially anonymised [2]
where some of the personal information has been removed and replaced by a symbol.
. Identify two items of non–sensitive data which could be collected during the market research. [2]
Name (1) · Gender (1) · Age (1) · Preference for types of clothing (1)
. A retail organisation uses data and information.
i. Explain what is meant by the public information classification type. [3]
released to the public and can be seen by anyone
e.g public business info including address
A school holds records, in a database, about its students and staff. The records include personal details including name, gender, date of birth, any disabilities or medical problems and contact det
Some of the data held in the database can be classified as private. Using an example from the database, explain what is meant when classifying information as private. [4]
private information should not be available to anyone without the data subject’s permission and that the data refers to a specific individual.
Acceptable examples included gender and disabilities.
Explain, using an example, what is meant by the term sensitive. [3]
· This information could cause harm if released (1)
· Access should be safeguarded. (1)
· Example (1) e.g medical conditions / disability of victims of crime.
A hairdressers has clients including men, women and children. They are considering a new computer system to manage the bookings and to enable clients to book their appointments through an online booking system.
Identify the classification of information the appointments would be included in. Justify your choice. [3]
Business Information(1st)
· The appointments are crucial (1)
to the running of the business/hairdressers (1)
The hairdressers will be storing client details including names, addresses and contact details including mobile numbers and email addresses.
Explain why the client details would be included in the personal classification of information [4]
The contact details should not be seen by anyone (1)
who is not authorised to do so (1) and should be kept securely (1)
· The details are covered by the DPA / GDPR (1)
· Permission should be given (1) before the contact details are shared with anyone. (1)
Explain the difference between the private and public information classification. [2]
Private is: ·
only available to those who have been granted access rights (1)
Public is:
· available to anyone (1)
When the seats have been chosen the customer pays for the seats using a secure payment process. Customers have to input their contact and payment details. The payment details are stored by the theatre and are completely anonymised.
Explain what is meant by completely anonymised. [3]
Any information / data that can link it (1)
to the original source / a person (1)
has been removed (1)
Explain one positive impact to the customers of PHPS of their payment details being completely anonymized [3]
Customers know their card details are safe (1)
· Limiting risk of being used by criminals (1)
then the payment details are not able to be seen (1)
Describe one difference between partially and completely anonymised data. [2]
partially anonymised data is subject to DPA / GDPR legislation (1)s
Fully anonymised data is not subject to DPA / GDPR legislation (1)
A company email address is shown on a website home page.
Identify the information classification the email address would be included in. Justify your choice. [4]
Public / non-sensitive / business (1st) ·
The email address is readily available (1) and can be easily / quickly (1)
The company will need to show the email address (1)
so customers can contact them (1) for any questions (1)
what is non-sensitive information?
information that can be released publicly with no fear of negative consequence.
what is classified information?
highly sensitive information stored by government institution, requiring the highest levels of restricted access.
e.g crime scene reports
what is confidential information?
private data that is more restricted than sensitive information, with access limited to only those who need to know
e.g. business profits/losses or doctor notes
