What are the six principles of GDPR?
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Accuracy
- Storage limitation
- Integrity and confidentiality
Under the Data Protection Act 2018, what rights do you have in regard to what information is held about you?
You have the right to KNOW what information is held about you
Name examples of what would be classed as sensitive information with stronger legal protection?
- Trade union membership
- Sexual orientation
- Race or etnice origin
- Political opinions
- Religious or philosophical beliefs
- Genetic data
- Health related data
What are the key data protection principles?
Lawfulness, fairness and transparency.
What is the key legislation protecting user’s data?
General Data Protection Act (GDPR)
What did the GDPR replace?
The Data Protection Act 2018
What rights do individuals have under current data legislation?
- Right to access personal data
- Right to be informed about how and why their data is used
- Right to have their data rectified or erased
- Right to object
- Right to portability of data
- Right not to be subject to a decision based solely on automated processing
How long should you keep hold of project details and why?
Under hand - 6 years
Under deed - 12 years
RICS suggest 15 years
What is hard data - please give examples?
Quantifiable data based on facts and always from reliable and valid sources.
Would you do anything different if there was conflict of interest inside Arcadis on a project? (in relation to soft data storage)
Yes, you could encrypt the data and store them in folders that allows access for only a number of people can access. It is called an information barrier.
How do we store hard data and why?
Store is locally only a database; files, excel spreadsheets and store it with job numbers so people can access it.
What is the maximum penalty for an offence under GDPR?
£17.5 million or 4% of your annual worldwide turnover, whichever is higher
