Other Mandatories Flashcards
Data mgmt - what is your understanding of the term confidentiality?
info is provided but is
subject to confidence
must not be shared without permission
What is your understanding of the term meta data? And why is it important?
Meta data is info about a specific piece of data
e.g. cost plan meta data = author, file size, date of doc
must affort the meta data same level of care as the other info
ensure meta data which is sensitive or confidential is not inadvertently shared. (Meta data may be the confidentiality key)
What is your understanding of Intellectual Property and Copyright?
this is the right to control the use and ownership of original works
employee works usually below to employer unless copyrights put in place
client often granted licence for use and reproduction of copyright material, in construction; should be clearly defined in appointment docs
e.g. right to use subco specialist design, but subco retains the original copyright
What is the Freedom of Information Act 2005?
UK legislation, controls access to official information
Permits public rights of access to info held by public authorities
Info must be published through public authorities publication scheme
Act covers all info held and not just info since the act came into effect
What are the benefits of a cloud based storage system?
- info backed up securely on encrypted servers
- accessibility managed via online settings
- cloud syst often cheaper than physically managing and storing files
- convenience of send and share online over physical post
- more enviro friendly
- multiple user access to same doc
- doc and folders can by synchronized
What is the meaning of a non-disclosure agreement?
- protect disclosure or sharing of confidential data
- NDA signed before confidential info disclosed
- confidential, sensitive, innovative IP shared to prx use by competitors
How manage client data if two departments work for rival companies?
- make client aware of risks, check understanding of the COI
- check informed consent and letter of instruction to continue obtained from the client
- exclusivity of staff arranged
- consider use of NDA
- physically separate working locations for teams
- separate document and data storage, secured from other team, arranged to maintain exclusivity
What is the Data Protection Act 2018?
- replaces 1998 legislation
- how personal data processed by organisations and the govt
- it is the UK legislation implementing the EU General Data Protection Regulation
Key principles of the DPA 2018? (what does the act do?)
Ensure that data:
- used fairly, lawfully and transparently,
- adequate, relevant and limited to the purpose intended
- retained no longer than necessary
- processed securely, protected against unlawful use, loss or destruction
Persons rights under DPA 2018?
Right to:
- be informed of how data used
- right to access their data
- right to have incorrect info updated
- right to have data erased
- to stop or restrict the processing of their data
- the right of portability
- to object to the use of their data
Key persons outlined in GDPR?
- Controller - person or legal entity who determines purpose and means of processing e.e. for an employee, the employer is controller
- Processor - person or legal entity who processes the info on behalf of the controller e.g. a call centre
- Data Protection Officer (DPO) - req by EU GDPR for companies that process the data of EU citizens, they oversee the Data Protection approach, strategy and implementation.
7 principles of DPA 2018
Lawfulness, fairness and transparency.
Purpose limitation.
Data minimisation.
Accuracy.
Storage limitation.
Integrity and confidentiality (security)
Accountability.
