Data Management Flashcards
What are some general sources of data?
- BCIS
- Comparable property prices, etc
- SPONS
- Internal libraries with previous projects
- Measurements
- Marketing particulars
- Client/personal data
When did GDPR come into effect?
May 2018
What is personal data according to GDPR
Any personal data relating to an identified natural person
Who does GDPR apply to?
All entities and individuals based in the EU, or anyone that processes personal data of EU individuals
What are the 6 principles of GDPR
- Lawfulness, fairness and transparency.
2.Accuracy. - keep up to date - Purpose limitation. - only use the data for its purpose
6.Data minimisation. - only retain info you need
5.Storage limitation. - Don’t hold personal data for longer than needed
Accountability - Confidentiality.
What happens if you fail to comply with GDPR?
- Up to 20 million euro fine (£17.5) or 4% of global turnover (whichever is higher)
Who is the controller?
they determines the purposes of any personal data and the means of processing it. .
Who is the processor?
A person who processes the data on behalf of the controller
What are the GDPR rights for individuals?
- The right to be informed
- The right of access
- The right to rectification
- The right to erase
- The right to restrict processing
- The right to data portability
- The right to object.
What do you do if you lose data?
You have to report yourself to the ISO within 72 hours if personal data has been lost
What does ICO stand for?
Information commissioners office.
What impact does covid-19 have on data management?
- Transportation of data
- Home working
- Cyber security
- Storing files online etc
Whats the RICS latest guidance on conflicts of interests?
Conflicts of interest
1st edition, March 2017
What do the ICO do?
Our role is to uphold information rights in the public interest
Tell me about the Freedom of Information 2000
- Right to info in the public sector
- Request must be in writing
- normally the public body has to respond within 20 days
What is a difference between DPA 2018/ UK GDPR and EU GDPR?
- EU GDPR states that a child can consent to data processing at age 16, whilst the DPA/UK GDPR sets this at 13.
- EU GDPR requires those processing criminal data to have official authority, the DPA/ UK GDPR does not.
- DPA Sets out data protection rules for law enforcement authorities
- Definition of personal data under EU GDPR can include IP address, DNA, cookies whereas the DPA is limited definition
What is an identifier?
a name, an identification number, location data, an online identifier.
Tell me about GDPR and DPA 2018?
The DPA 2018 sets out the data protection framework in the UK, alongside the UK GDPR.
The DPA 2018 sets out separate data protection rules for law enforcement authorities.
The UK GDPR is a UK law which came into effect on 01 January 2021. It sets out the key principles, rights and obligations for most processing of personal data in the UK, except for law enforcement and intelligence agencies.
How do firms have to show accountability under GDPR?
Have to show if required to the ICO how they comply with the regulations
