How do you demonstrate Accountability in terms of data protection?
Demonstrate compliance with data protection laws.
What is the right to erasure?
The right for individuals to request deletion of their personal data under certain conditions.
List some of the principles of data processing under the Act.
Data must be processed lawfully, fairly, and transparently.
Data minimisation
Storage limitation
Purpose limitation
Accuracy
Accountability
Security (integrity and confidentiality)
What are the 8 rights under DPA 2018?
Access
Objection
Rectification
Automated decision making.
Informed of data's existence
Data Portability
Erasure
Restrict Processing
Rights under the Freedom of Information Act.
Right to Access
Right to Information
Right to confirmation
No justification needed for request
Public access
Right to review
Time frames for FOI request
20 working days
What is your understanding of confidentiality?
Information that can only be shared with permission.
What is metadata?
Data embedded within documents or photos. Need to be aware of metadata when sharing documents.
Benefits of cloud-based storage
Backed up on encrypted servers
Accessibility is managed via online settings
Environmentally friendly.
Synchronous documents
Information barrier - how would this work in practice?
Make client aware of risks
Keep a physical and digital barrier between two teams.
Secure document storage
Key persons in GDPR?
Data Controller - determines means of processing personal data. Employer
Data Processor - person that processes personal data. E.g. call centre
Data Protection Officer - Leadership role. Responsible for overseeing approach strategy and implementation
What is in Section 10 of CRCA 2005?
Valuation Services: An officer of Revenue and Customs may provide a valuation of property under this section for HMRC purposes, or at the request of a public authority.
What does CRCA stand for?
Commissioners for Revenue and Customs Act (2005)
What Sections of CRCA are important for VOA?
Sec 10 - defines specific roles and functions of VO
Sec 17 - info for one function can be used for another VOA function.
Most important Sec 18 - confidentiality except for disclosure when performing statutory functions, for criminal investigation or when permission given
Sec 19 - wrongful disclosure is punishable by jail.
Sec 23 - withhold identifiable info.
Who would you report a breach of DPA to? And how long do you have to do it?
To the ICO (Information Commissioner's Office) within 72 hours.
The VO asks for data from Ratepayers on FORs. What is their authority to do this?
Under Sched 9 of 1988 LGFA the VO can request information that they reasonably believe will assist them.
Explain the Right in DPA around automated decision making.
Right to have a human review decision.
What is a Subject Access Request?
Under the Data Protection Act 2018 (DPA 2018) and UK GDPR, individuals have the right to request a copy of their personal data from organizations (a Subject Access Request or SAR). Organizations must respond within one month, free of charge, and provide data securely. The DPA 2018 ensures you can ask for data to be confirmed, accessed, and corrected.