Data Management Flashcards
(19 cards)
How might you verify data?
Verify data against alternative source through triangulation
Name some data security technologies.
- Disk encryption: encrypting data on a secure hard disk drive
- Regular backups off site
- Cloud storage
- Password protection and use of anti-virus software protection
- Firewalls and disaster recovery procedures
What is copyright?
A set of exclusive rights granted to the author or creator of any original work, including the right to copy
These rights can be licenced, assigned or transferred
Form of intellectual property
What is Crown Copyright?
Refers to all material created and prepared by the Government, such as laws, public records, official press releases and OS mapping
What is UK GDPR and what legislation covers it?
UK General Data Protection Regulation
Covered by the Data Protection Act 2018
What is the aim of UK GDPR and the Data Protection Act 2018?
Aims to create a single data protection regime affecting businesses, and empower individuals to take control of how their data is used by third parties
What rights does UK GDPR and the Data Protection Act 2018 give people?
Rights to be informed about how their personal information is used.
What are some of the key requirements in UK GDPR and the Data Protection Act?
- Obligation to conduct data protection impact assessments for high risk holding of data
- Rights of individuals to have access to info personal data help on them and to have it erased
- Data controller decides how and why personal data is processed and is responsible for GDPR
- ‘Data accountability’ ensuring organisations can prove to the ICO how they comply with regulations
- Data security breaches reported to ICO within 72 hours
What fines are available for breaching GDPR?
Fines of up to 4% of global turnover or £17.5m (the higher)
Who polices GDPR?
The Information Commissioner’s Office (ICO)
What article sets out the principles of UK GDPR and what does it relate to?
Article 5(1)
Relating to the storage of personal data
What does Article 5(1) of UK GDPR state?
Data must be:
- Processed lawfully, fairly and transparently
- Collected for specified, explicit and legitimate purposes
- Adequate, relevant and limited to what is necessary for the purposes by which they are possessed
- Accurate and up to date
- Processed in a manner that ensure appropriate security
What does Article 5(2) in UK GDPR relate to?
Requires that “the controller shall be responsible for, and be able to demonstrate, compliance with the principles”
What are the 8 individual rights under UK GDPR?
- Right to be informed
- Right of access
- Right of rectification
- Right of erasure
- Right of restrict processing
- Right of data portability (to use for their own purposes)
- Right of object
- Right of automated decision making and profiling (as undertaken by insurance companies)
What is the Freedom of Information Act and what year is it?
2000
Gives individuals the right of access to information held by public bodies.
- Public body must tell any individual requesting sight of information whether it holds it
- Public body is required to supply it in 20 working days in the format requested
- Can charge for the provision of the information
When can there be exemptions to the Freedom of Information Act 2000?
If it is contrary to GDPR requirements
If it would prejudice a criminal matter under investigation or a person’s/organisations commercial interest
How can security of data be improved?
Security of electronic data:
Firewalls
Encryption
Cloud-based systems
Passwords
How does an an NDA work?
Legally enforceable contract between two parties relation to sensitive information
Agreement will create a confidential relationship between a person who has sensitive information and a person who has access to that information
What happens if an NDA is breached?
The party that was harmed by the breach of the NDA can take legal action to enforce the agreement and seek damages for any losses incurred.
