Data Management

Question 1

What data sources do you use in your day to day work?

Answer 1

• CoStar
• Datscha
• CACI
• Land Registry
• GOAD

Question 2

What is the critical step when using online databases?

Answer 2

To verify as far as reasonably possible the data provided.

Question 3

What are the means of verifying data?

Answer 3

1. Talk to source eg. Agents

2. Triangulate - Where you look to confirm the same data via separate sources.

Question 4

What is the key principle of data storage?

Answer 4

That data is safely stored but accessible to those who need it.

Question 5

What are some methods you might use to protect data?

Answer 5

• Fire wall
• Restricted file access
• Password
• Disk encryption
• Backups
• Safe

Question 6

How does BNPPRE ensure the confidential data it holds is kept safe?

Answer 6

• Restricted file access
• Passwords
• Backups

Question 7

What is the relevant legislation that governs data and its protection?

Answer 7

GDPR 2016 and the Data Protection Act 2018

Question 8

What is the difference between GDPR 2016 and Data Protection Act 2018?

Answer 8

GDPR = Clear obligation for businesses using personal data in the EU, with sanctions

Data Protection Act = UK implementation of GDPR rules

Question 9

What responsibilities does GDPR / DPA 2018 set on UK Businesses?

Answer 9

• Undertake impact assessments
• Responsibly use data
• Keep records
• 8 rights of individuals to their own personal data

Question 10

What is the penalty for breaching GDPR / DPA 2018?

Answer 10

Either

• £20m fine; or
• Fine at 4% of global turnover.

Whichever is higher!`

Question 11

What are the individual rights that all people have regarding their personal data?

Answer 11

1. Informed
2. Access
3. Rectification
4. Erasure
5. Object
6. Avoid automated decisions
7. Restricted processing
8. Portability

Question 12

What are the principles of GDPR?

Answer 12

Data storage must be:

• Lawful
• Limited
• Legitimate
• Accurate
• Protected
• Confidential
• Accountable

Question 13

Is there any RICS core materials on Data?

Answer 13

No, however there is a proposed new professional statement: ‘Data Handling and the prevention of cyber crime’

No date set

Question 14

What is the purpose of the proposed PS ‘Data handling and the prevention of cyber crime’?

Answer 14

To set mandatory guidance for RICS members on the capture, storage, security and usage of data.

Question 15

What did you learn in your CPD on data protection?

Answer 15

BNPPRE Data Protection Awareness

• What constitutes personal data
• Relevant regulation
• Sanctions

Question 16

What constitutes personal data?

Answer 16

Any information that may relate to the identification or identifiable nature of a person.

• telephone no.
• credit card details
• number plate
• address
• appearance

Question 17

In your example regarding relocating headquarters in London, how did the data you gather help you in making recommendations regarding sites to the client?

Answer 17

The client wanted an office that would help them attract and retain talented staff. Transport, shopping and nightlife amenities important to them.

Question 18

In your example regarding relocating headquarters in London, what confidential data were you using?

Answer 18

• Addresses of employees

- Consultation notes with employees

Question 19

How do you set up a password on a document?

Answer 19

File –> info –> protect –> encrypt with password

Question 20

In your COVID-19 pandemic info example, what were the limitations on the use of the data?

Answer 20

Some of the information we were provided with were agreed in confidence with their landlords. Therefore, this information could not be used directly in negotiations. It could only be referenced without name.

Question 21

In your COVID-19 pandemic info example, how did you flag the data?

Answer 21

Any NDA data was highlighted in red in the document. The document was also labelled with the word “confidential” in the title. It was also password protected, and access was only given to staff members who were aware of what was confidential in the document.

Question 22

Tell me about any AVMs that your company uses for valuation purposes?

Answer 22

Argus Investor and Argus Developer

Question 23

What is data/disk encryption?

Answer 23

The process of converting information into an alternative form where only authorised parties can convert it back.

Question 24

What is a firewall?

Answer 24

Monitors and controls incoming and outgoing network traffic. A barrier between trusted and untrusted networks.

Question 25

Tell me about a property information system you have assisted in making or maintaining?

Answer 25

Lease advisory adjustment schedule

Question 26

What records are still kept manually in your office?

Answer 26

Converted to paper light so very little. Anything considered essential to retain is in secure storage and can be called back to the office within 2 days.

Question 27

Outline some client reports where you have relied upon property information systems?

Answer 27

LA work (CoStar and PIPnet)
Research (Datscha)

Question 28

If a company has a data breach, what must they do?

Answer 28

• Inform the person(s) affected

- Inform the Information Commissioners Office (ICO) in 72 hours

Question 29

What is ‘data accountability’?

Answer 29

A new principle that companies must be able to prove to the ICO that they comply with the Data Protection Act 2018.

Question 30

What is copyright? What do they provide?

Answer 30

Rights granted to an author / creator / owner which prevents other companies marking copies of that product for a certain time period. Can be licence, assign or transfer.

Question 31

What must you do when dealing with copyright material?

Answer 31

Acknowledge the copyright in any work

Question 32

How does BNPPRE comply with GDPR?

Answer 32

• Staff training
• Ensure data is for specific and legitimate purposes
• Regularly update KYCs

Question 33

What is an NDA? How does it work?

Answer 33

A non disclosure agreement. This is where two parties agree that they will not disclose the details of a matter or transaction to any third party.

Question 34

What is the freedom of information act 2000?

Answer 34

Every member of the public has the right to request information from public authorities. They also have the right to know what information is held on them by companies.