Data Management Flashcards
How can data be kept secure?
Technologies:
- Disk encryption
- Regular backups off site
- Password protection
- Use of anti-virus protection
- Firewalls
What is Copyright?
A set of exclusive rights granted to the author and creator of original work
- These rights can be licensed, assigned and transferred
- Must acknowledge copyright for any information duplicated
What is crown copyright? Can you provide an example?
Relates to information produced by the government, e.g. laws, OS maps
What is GDPR?
General Data Protection Regulations
What is the Data Protection Act 2018?
- Came into effect in May 2018
- Relates to personal data
- The UK’s implementation of the GDPR
- Complete data protection system so also covers all general data as well as personal data
What is the aim of the Data Protection Act 2018?
- To create a single data protection regime for anyone doing business in the EU
- Empower individuals to take control of how their data is used by third parties
- Gives people rights to be informed about how their personal information is used.
What are the fines for breach of the Data Protection Act?
- Policed by the ICO
- 4% of global turnover of company or up to £17.5 million.
What are the key requirements of UK GDPR and the Data Protection Act?
I.R.D.D.B
- Conduct data protection impact assessments for high risk holding of data
- New rights for individuals to have access to information on what personal data is held and have it erased
- A data controller decides how and why personal data is processed and is directly responsible for GDPR
- ‘Data accountability’: ensuring that organisations can prove to the Information Commissioner’s Office (ICO) how they comply with regulations
- Data security breaches to be reported to ICO within 72 hours where there is a loss of personal data and a risk of harm to individuals
What would you do if there was a serious data breach at Mileway?
Report to ICO within 72 hours where there is a loss of personal data and a risk of harm to individuals
What rights are granted under GDPR? (IARERDOA)
- Right to be informed
- Right of access
- Right to rectification
- Right to erasure
- Right to restrict processing
- Right to data portability (for use for own purposes)
- Right to object
- Rights to automated decision making and profiling (as undertaken by insurance companies)
What is the Freedom of Information Act 2000?
Gives individuals the right of access to information held by public bodies.
- The public body must tell any individual requesting information whether it holds it
- Required to supply within 20 working days of request
- Can charge for the provision of information
What exemptions to the Freedom of Information Act 2000 are offered?
- If providing the information would be contrary to GDPR requirements
- If it would prejudice a criminal matter under investigation or a person’s/company’s commercial interest
What is a data controller?
Someone who decides how and why personal data is processed and is directly responsible for GDPR
- Under Article 5(2)
What is Mileway’s data policy?
In line with the GDPR regs and found on our website
States that:
- People have rights to withdraw consent or ‘opt-out’ of marketing
- Right of access, rectification and erasure
- Data portability
- Right to restriction of processing
What are the principles of GDPR?
LPD ASIA
Article 5(1) principles:
7 key principles:
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Accuracy
- Storage limitation
- Integrity and confidentiality (security)
- Accountability
Article 5(2) requires that a data controller “shall be responsible for compliance with the principles”