Personal and data legislation Flashcards
(10 cards)
What does personal data refer to?
Relates to information in respect of an individual where the individual can be identified, or where the data combined with other information could allow the individual to be identified.
- Organisations often accumulate large amounts of information about an individual
- Technology allows collection, storage and use of large amounts of information about individuals in a more diverse way
- Banks gather information from sources such as transactions on current accounts and credit cards, which allows them to apply data science techniques in many ways
- Organisations have responsibilities when acquiring and maintaining personal data
How do data protection laws safeguard the rights of individuals?
Many countries have data protection laws to safeguard the rights of individuals with regard to how organisations can:
o Process the personal data
o Maintain the personal data
- The relevant regulations vary by jurisdiction (although the objectives and expected behaviour are often similar)
- Example: POPIA (Protection of Personal Information Act)
8 Conditions under POPIA
- Accountability: the party responsible for processing data has to comply with POPIA
- Processing limitation: information must be processed in a fair, lawful and relevant manner after consent is given
- Purpose specification: information must be collected for a specific purpose
- Further processing limitation: further processing must be compatible with the initial collection purpose
- Information quality: data completeness, accuracy and updates to be ensured by the holder of the data
- Openness: documentation to be maintained on all processing operations; transparency must be maintained on data use
- Security safeguards: integrity and confidentiality of personal data must be secured; all processing must be done only by an authorised operator; notification to be given on security compromises
- Data subject participation: the data subject may request confirmation of personal data held, and may request correction or deletion of any inaccurate, misleading or outdated information held
Data processing
- Carrying out operations on data
- To retrieve, transform or classify information
- Data is collected and transformed into usable information
Possible non-compliance consequences
- Prosecution for criminal offences
- Fines for serious breaches (in monetary terms / jail time)
- Compensation to the data subject for damages
- Reputational damage (in the case of adverse publicity)
Cyber attacks
- Access to organisation’s electronic data by hackers from outside that organisation
- Has resulted in an increase in breaches and consequent fines
Careful consideration should be given to:
- Quality and standard of the information systems used to store and process personal data, to:
▪ ensure a high level of security
▪ appropriate processing
▪ ability to correct or delete irrelevant or incorrect personal information held
- POPIA requires the appointment of an information officer and the drafting of relevant policies
- Companies should keep up to date with regulatory requirements and updates
- Appropriate allowance should be made for compliance (costs of compliance):
▪ Information officer cost
▪ Systems implication costs
▪ Continuous system management
Competition legislation
- These may also limit the use to which data can be put
- Prohibited acts:
▪ Anti-competitive agreements where data is shared among a small number of companies to fix prices in particular markets
▪ Abuse of dominant market position – imposing unfair trading terms (exclusivities)
- Consequences of non-compliance with competition laws:
o Fines
o Awards for damages
o Disqualification of company directors
Personal data
Relates to information in respect of an individual where the individual can be identified, or where the data combined with other information could allow the individual to be identified.
Organisations have responsibilities when acquiring and maintaining personal data (these include dealing responsibly with personal data).
o Name
o Address
o Personal email address
o Occupation
o Date of birth
o Health status
o Race or ethnicity
o Criminal record
Sensitive personal data
- Type of personal data whose disclosure to others without consent could cause an individual a high level of stress or damage
- Subject to stricter regulation than ordinary personal data
- Subset of personal data
eg.
- Racial or ethnic group
- Political opinions
- Religious or philosophical beliefs, or other forms of beliefs
- Membership of a trade union
- Physical or mental health conditions
- Sexual life or sexual orientation
- Convictions, proceedings and criminal acts
- Genetic or biometric data