Module Recap

Module Recap

 

  • – Data security is the prevention of unauthorised access to, abuse of, misuse of or loss of personal data.
  • – All businesses must ensure that appropriate technical and organisational measures are taken against unauthorised or unlawful processing, loss, destruction or damage of personal data.
  • – Your business should also consider the risks of data falling into the wrong hands and outline the steps to be taken to minimise or prevent these risks.
  • – In the event that data held by you is lost or stolen then you must alert the ICO and all the individuals who might potentially be affected.
  •  The Act gives individuals a right to access their personal information.If someone sends you a subject access request you must provide them with a copy of their information within 40 days.
  • – If someone makes a written request they are entitled to know whether any personal data is being processed, why and how it’s being used and the source of the data. You can do an identity check before you give out this information.
  • – An individual can also request reasoning behind any automated decisions, such as the denial of a credit card, and ask for the assessment to be reviewed by a person.