Data Management

Question 1

How can data be kept secure?

Answer 1

Technologies:
- Disk encryption
- Regular backups off site
- Password protection
- Use of anti-virus protection
- Firewalls

Question 2

What is Copyright?

Answer 2

A set of exclusive rights granted to the author and creator of original work
- These rights can be licenced, assigned and transferred
- Must acknowledge copy right for any information duplicated

Question 3

What is crown copyright? Can you provide an example?

Answer 3

Relates to information produced by the government i.e laws, OS maps

Question 4

What is GDPR?

Answer 4

General Data Protection Regulations

Question 5

What is the Data Protection Act 2018?

Answer 5

• Came into effect in May 2018
• Relates to personal data
• The UK’s implementation of the GDPR
• Complete data protection system so also covers all general data as well as personal data

Question 6

What is the aim of the Data Protection Act 2018?

Answer 6

• To create a single data protection regime for anyone doing business in the EU
• Empower individuals to take control of how their data is used by third parties
• Gives people rights to be informed about how their personal information is used.

Question 7

What are the fines for breach of these the data protection act?

Answer 7

• Policed by the ICO
• 4% of global turnover of company or up to £17.5 million.

Question 8

What are the key requirements of UK GDPR and the Data Protection Act?

I.R.D.D.B

Answer 8

• Conduct data protection impact assessments for high risk holding of data
• New rights for individuals to have access to information on what personal data is held and have it erased
• A data controller decides how and why personal data is processed and is directly responsible for GDPR
• ‘Data accountability’ ensuring that organisation can prove to the Information Commissioner’s Office (ICO) how they comply with regulations
• Data security breaches to be reported to ICO within 72 hours where there is a loss of personal data and a risk of harm to individuals

Question 9

What would you do if there was a serious data breach at Mileway?

Answer 9

Report to ICO within 72 hours where there is a loss of personal data and a risk of harm to individuals

Question 10

What rights are granted under GDPR? (IARERDOA)

Answer 10

1. Right to be informed
2. Right of access
3. Right to rectification
4. Right to erasure
5. Right to restrict processing
6. Right to data portability (for use for own purposes)
7. Right to object
8. Rights to automated decision making and profiling (as undertaken by insurance companies)

Question 11

What is the Freedom of Information Act 2000?

Answer 11

Gives individuals the right of access to information held by public bodies.
- The public body must give any individual requesting information whether it holds it
- Required to supply within 20 working days of request
- Can charge for the provision of information

Question 12

What exemptions to the Freedom of Information Act 2000 are offered?

Answer 12

• If providing the information would be contrary to GDPR requirements
• If would prejudice a criminal matter under investigation or person/ company’s commercial interest

Question 13

What is a data controller?

Answer 13

Someone who decides how and why personal data is processed and is directly responsible for GDPR
- Under Article 5(2)

Question 14

What is Mileway’s data policy?

Answer 14

In line with the GDPR regs and found on our website
States that:
- People have rights to withdraw consent or ‘opt-out’ of marketing
- Right of access, rectification and erasure
- Data portability
- Right to restriction of processing

Question 15

What are the principles of GDPR?

LPD ASIA

Answer 15

Article 5(1) princles:

7 keys principles:
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Accuracy
- Storage limitation
- Integrity and confidentiality (security)
- Accountability

Under Article 5(2) requires that a data controller “shall be responsible for compliance with the principles”