Flashcards in Data Management Deck (12)
What is the Data Protection Act 1998?
The data protection act governs the protection of personal data in the UK.
What does the Data Protection Act 1998 do?
- It is designed to protect personal data stored on computers or in an organised paper filing system
- It controls the way in which data is stored and handled
- It gives rights to people that have data stored about them
- 8 freedoms, similar to GDPR
What is GDPR?
General Data Protection Regulation
What can you no longer do under GDPR?
What are the rights of the individual under GDPR?
- to opt-in to information to sent to them
- the right to be forgotten (does not apply in certain situations e.g. legal)
- the right to know what information is held about me
There are 8 rights for individuals in total.
Who is the GDPR regulator?
ICO - Information Commission's Office
What are the potential penalties under GDPR?
£20m or 4% of global turnover, whichever is the higher
How would you respond if your company suffered a significant data breach?
Report it to the ICO within 72 hours from when it started
How did your company prepare for the implementation of GDPR?
- - Training
- GDPR compliance officer
How would you protect the information you are sending to a third party?
- Send hard copy
- Encrypted information password protected
When did GDPR come into effect?