6 - Data Management Flashcards
Can you expand on what BCIS is ?
The Building Cost Information Service, provides cost and price data for the UK construction industry. It is a part of the Royal Institution of Chartered Surveyors.
What are the principles of the data protection act ?
LADSPAL
Lawfulness, fairness, and transparency. Whenever you're processing personal data, you should have a good reason for doing so. Purpose limitation. Data minimization. Accuracy. Storage limitation. Integrity and confidentiality. Accountability.
Who enforces the data protection act ?
The Information Commissioner’s Office (ICO)
What are the penalties available ?
The UK GDPR and DPA 2018 set a maximum fine of £17.5 million or 4% of annual global turnover
You mentioned budget pricing exercise, how do you ensure the data is suitable and correct ?
Use BCIS and sanity check against recent tender prices
What affect has Brexit had on data management ?
GDPR changed to data protection act 2018
What is the data protection act 2018 ?
The Data Protection Act 2018 controls how your personal information is used by organisations, businesses or the government
What are the principles of GDPR ?
LADSPAL Lawfulness, fairness, and transparency. Whenever you're processing personal data, you should have a good reason for doing so. Purpose limitation. Data minimization. Accuracy. Storage limitation. Integrity and confidentiality. Accountability.
What are the principles of the data protection act ?
PCRCDM Proportionality Commitment (Top Level) Risk assessment Communication Due Diligence Monitor and Review
How is data governed in the UK? Does it still apply following Brexit?
The Data Protection Act 2018 controls how your personal information is used by organisations, businesses or the government
Why is it important that we safeguard information?
As personal data can be used in various ways
What kind of information is ‘sensitive’ information?
Health records, financial information, address, educational records etc
Tell me 3 of the principles of GDPR.
LADSPAL Lawfulness, fairness, and transparency. Whenever you're processing personal data, you should have a good reason for doing so. Purpose limitation. Data minimization. Accuracy. Storage limitation. Integrity and confidentiality. Accountability.
Give me some examples of the principles of good data management.
LADSPAL Lawfulness, fairness, and transparency. Whenever you're processing personal data, you should have a good reason for doing so. Purpose limitation. Data minimization. Accuracy. Storage limitation. Integrity and confidentiality. Accountability.
Why do the General Data Protection Regulations 2018 exist?
To control how your personal information is used by organisations, businesses or the government
Which body is responsible for enforcing the GDPR?
The Information Commissioner’s Office (ICO)
What does the Freedom of Information Act enable?
The Freedom of Information Act 2000 is an Act of the Parliament of the United Kingdom that creates a public “right of access” to information held by public authorities.
What are the benefits of using external data sources such as BCIS etc?
Industry wide data
Standardisation
Data management
How do you ensure the data that you hold on your clients is kept secure and confidential?
We use an only system to carry out checks
Operate a clear desk policy
shredding of details etc
Two factor authentication of IT systems
How do you ensure only the necessary people can access the data you store about your clients?
Two factor authentication of IT systems
How long do you keep client’s data and how do you ensure it is deleted when necessary?
Dependant on the type of data and the contract
under hand - 6 years
under deed - 12 years
