Data Management

Question 1

What are the 8 rights of the data subject under UK GDPR 2016?

Answer 1

1. Right to be informed
2. Right of access
3. Right to recification
4. Right of erasure
5. Right to restrict processing
6. Right to data portibility
7. Right to object
8. Right to automated decision making and profiling

Question 2

How do you keep data safe?

Answer 2

• clear desk policy
• lock my computer when not infront of it
• Keep documents in relivant files on the computer where they are backed up
• Mark documents with appropriote tages (personal, confidential, public)

Question 3

What is Data Protection Act 2018?

Answer 3

• Suppliments UK GDPR 2016
• Creates single data protection regime affecting business
• Empowers induviduals to take controll of how their data is used by 3rd parties
• Gives right to be informed about how personal info is used

Question 4

What are the key requirments of UK GDPR 2016?

Answer 4

• Obligation to conduct data protection impact assesment for holding high risk data
• New rights for induviduals
• Principal of ‘Data Accountability’ ensuring organisations can prove to ICO they are complient with new legistaltion.
• Breaches must be reported to the Information Commisionrs Office within 72 hours

Question 5

Breaches of data protection?

Answer 5

• Must be reported to Information Commisioners Office (ICO) within 72 hours
• Maximum fine is the greater of 4% of the companys global turnover or £17.5 million
• Policied by ICO

Question 6

What are the 2 key principles of UK GDPR 2016?

Answer 6

• Article 5 (1) : Principals relating to storage of personal data
• Article 5 (2) : “Controller should be responsible for and be able to demonstrate complience with these principles”

Question 7

What does Article 5 (1) UK GDPR outline?

Answer 7

Principals relating to storage of personal data

• prosessed lawfully, fairly and trasparently in relation to the induvidulas
• collected for a specific, explicit and ligitimate purpouse and not to to be further processed in an incompatable manner
• acurate, kept up to date, take reasonable steps to ensure inacurate data erasued or rectified without delay
• kept in a form which permits indentification of the subject only as long as necessery for original purpouses
• propsed in a manner that ensures security including protection against unaurthorised or unlawful processing, accidental damage loss or destruction by using techingal or organisational measures

Question 8

What verbal checks do you carry out?

Answer 8

• Call the trusted individual and ask them to verify for every new payee, change of payment details and for internal payment requests.

Question 8

What does GDPR stand for?

Answer 8

General Data Protection Regulations

Question 8

What are the 3 points of cyber security Barcleys belive in?

Answer 8

1. Always conduct verbal checks
2. Aim to have a single point of contact with companies and regular payees - internally and externally
3. Always carry out due dilligance even if it causes delays

Question 9

Why is GDPR important?

Answer 9

• set of personal data prection laws for users and business

Question 10

How long can you retain personal data for?

Answer 10

As long as you need it for the original purpouse

check

Question 11

When can the right to erasure be rejected?

Answer 11

• If the information is held for a crucial purpose such as lease data for billing

Question 12

What are the 7 principals of GDPR?

Answer 12

• Article 5 – 7 principles of data storage
• Lawfulness, fairness and transparency
• Purpose limitation
• Data Minimisation
• Accuracy
• Storage limitation
• Integrity and confidentiality (security)
• Accountability