Data Management

Question 1

What legislation for Data Management

Answer 1

UK: Data Protection Act 2018!
EU: GDPR (General Data Protection Regulations)

Question 2

What do you need to consider when handling data?

Answer 2

Is the data:
- Lawful
- Fair
- Accurate
- Transparent
- Secure

Question 3

What things do you do to ensure safe data handling ?

Answer 3

• Only keep relevant data
• Do not keep data for longer than needed.
• Keep on secure servers
• Report breaches promptly

Question 4

What actions improve data protection daily at work?

Answer 4

• Elearning, CPD and Seminars
• Strong passwords
• Locked filing cabinets
• Secure servers
• Clear desk policy
• Erase old data

Question 5

What are the 7 key principles of Data Management (or GDPR)?

Answer 5

1. Lawful, Fair Transparent
2. Purpose limitation
3. Data Minimisation
4. Accuracy
5. Storage limitation
6. Integrity and Confidentiality
7. Accountability

Question 6

What 2 types of data are you aware of?

Give examples for both

Answer 6

Sensitive data (Age, Race, Religion - 9 protected characteristics)

Personal Data (Address, email, phone)

Question 7

What are people’s rights relating to their data under GPRD Data Protection Act?

Answer 7

Right to…
- request a copy of the data held.
- erasure.
- know how data is being used.
- restrict processing .
- rectify inaccurate data.

Question 8

What is ISO 27001?

What does ISO Stand for?

Answer 8

Information Security Management

International Organisation for Standardisation

Why:
- Data Protection systems
- Cyber security
- Client confidentiality

Question 9

If you were responsible for a data breach, who would you notify and what is the procedure?

Answer 9

Notify - Data Protection Officer (or Risk and Compliance team at FG)

1. Contact party who has been sent incorrect data and ask them to delete and not share.
2. Notify Data protection officer
3. Notify Client