Data Management

Question 1

What are some benefits to a cloud based storage system?

Answer 1

Information is backed up second, accessibility can be managed via online settings, multiple uses can access the same documents

Question 2

Who are the key persons outlined within GDPR?

Answer 2

1. Controller, the person who determines the purposes and means of processing personal data.
2. Processor, the person who processes the personal data on behalf of the controller.
3. Data protection officer, the leadership role required by EU GDPR, they are responsible tor over seeing the data protection approach

Question 3

What are the 8 rights under GDPR?

Answer 3

BARE CORD
1. The right to be informed
2. The right of access
3. The right of rectification
4. The right to erasure

5. Rights concerning automated decision making and profiling
6. The right to object
7. Right to restrict processing
8. Rights to data portability

Question 4

What is the VOA’s primary disclosure for data legislation?

Answer 4

CRCA 2005

Commissioners for Revenue and Customs Act 2005

Question 5

What is the CRCA

Answer 5

Commissioners for revenue and customs act 2005

It ensures all information held by the VOA is covered by the duty of confidentiality

It specifies when that information may be disclosed

Sections 17-23 relate to information

Question 6

Freedom of Information Act

Answer 6

• primary piece of legislation that controls access to information
• it permits the public right of access to information he’d by public authorities
• it cover all information held not just since the act came into place

Question 7

What is the meaning of a non disclosure agreement?

Answer 7

• used to protect against the disclosure of any confidential data
• typically clients request that the recipient signs a non-disclosure agreement
• used to prevent information being used by competitors

Question 8

If 2 separate departments within your firm were working for 2 rival companies, how would you ensure client sensitive data was managed?

Answer 8

• make the client aware of the risks
• make the clients aware of the conflict of interest
• obtain letter of instruction to continue from the client
• non-disclosure agreement considered
• separate working locations
• secure data locations

Question 9

What are some benefits of cloud based storage?

Answer 9

• information is backed up securely
• encrypted servers
• accessibility can be managed
• environmentally friendly

Question 10

What is you understanding of the term confidentiality?

Answer 10

Where information is provided but subject to confidence and not shared without permission

Question 11

What are your organisation strategies to protect against a data breach?

Answer 11

1. Password protection
2. Multifactor authentication
3. Anti virus and malware
4. Access passes into the office

Question 12

Why would you not be permitted to take a photograph with a person in the photo?

Answer 12

Under UK GDPR and the data protection act you would not be allowed to take a photograph identifying a person and then use this photo for a business purpose or publish it

Question 13

What are the data protection principles?

Answer 13

SAIL PAD
1. Storage limitation
2. Accuracy
3. Integrity
4. Lawful

5. Purpose limitation
6. Accountability
7. Data minimisation

Question 14

You state you have to be mindful on confidentiality what does that term mean?

Answer 14

Keeping sensitive information private and protected

Question 15

How would you respond if you took a photograph and realised that this contained something confidential?

Answer 15

Securely delete the photograph and ensure that it is not within any reports or used for business purposes

Question 16

You raised a data breach with your manager, who would you escalate this to if they were not available?

Answer 16

Data protection officer

Question 17

Who is the data protection officer within your organisation?

Answer 17

David Burke

Question 18

How would you deal with a data breach if you were the one who committed it?

Answer 18

Contact the data protection officer within 72 hours but my organisation advise 48 hours.

Contact who i have sent data to and request they delete the email and confirm when done

Question 19

Why is it important to stored data securely?

Answer 19

• allows data to remain confidential
• prevents data breaches occurring

Question 20

In what manner should data be processed?

Answer 20

In a necessary, proportionate and responsible manner

Question 21

What measured are in place in your organisation to ensure data is stored securely?

Answer 21

1. Regular back ups
2. Encryption
3. Access controls
4. Password protection
5. Lock screens when away from desk
6. Antivirus and malware software

Question 22

Under what section of the CRCA 2005 can the VOA disclose information externally and what are these circumstances?

Answer 22

Section 18 of the CRCA 2005
1. Taxpayer consent
2. Essential function
3. As part of civil proceedings

Question 23

What are the penalties outlined under CRCA?

Answer 23

Section 19 outlines up to 2 years imprisonment and / or unlimited fine

Question 24

Does the freedom of information act 2000 apply to your organisation?

Answer 24

• yes, it gives individuals the right to request information held by public sector and the request must be in writing

Question 25

Under what circumstances can a freedom of information request be denied?

Answer 25

- too timely or costly - repeat request - contravenes with GDPR

Question 26

Give an example of a freedom of information request that might apply to your organisation?

Answer 26

Request information on other properties along the street

Question 27

How would you proceed with a freedom of information request?

Answer 27

Forwards to the freedom of information team They then issue a response in writing within 20 working days

Question 28

Why is it important to store data securely?

Answer 28

Prevents data breaches or leaks occurring. Allows data to remain confidential.

Question 29

What is the difference between a leak and a breach?

Answer 29

Breach is deliberate where someone with unauthorised access gains access to data. However, a leak is an accidental release of data.

Question 30

Under what section of CRCA 2005 can the VOA disclose information externally and what are these circumstances?

Answer 30

S18 CRCA 2005 - Taxpayer consent - Essential function - As part of civil proceedings etc

Question 31

Under what circumstances can a FOI request be denied?

Answer 31

- Too timely or costly - Repeat request - Contravenes from GDPR

Question 32

Give an example of a FOI request that might apply to your organisation

Answer 32

Request information on other properties along the street

Question 33

How would you proceed with an FOI request?

Answer 33

Forward to FOI inbox in which we have a designated team to issue a response in writing within 20 working days.

Question 34

What is GDPR

Answer 34

GDPR (General Data Protection Regulation) is a strict 2018 EU law governing how organizations handle personal data

Question 35

What is the data protection act?

Answer 35

2018 The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (UK GDPR), controlling how personal information is used by organisations, businesses, and the government.

Question 36

What are the 6 principles of the bribery act 2010?

Answer 36

1 proportionate procedures 2 top level commitment 3 Risk assessment 4 due diligence 5 communication 6 monitoring and review

Question 37

What is the bribery act?

Answer 37

Its a law which criminalisies bribery with imprisonment and fines

Question 38

what should data be?

Answer 38

VAUR verified accurate up to date reliable

Question 39

name some ways to keep data secure?

Answer 39

fire walls passwords not leaving devices unattended encryption virus protection

Question 40

what are some data security threats you may face?

Answer 40

phishing ransomware hacking loss or theft