Data Management Flashcards
What is Arup’s policy on data management?
- Ensure personal data is only shared when necessary under an appropriate contract and seek assurances the 3rd party has adequate security procedures
- Promptly report loss of personal information
What are the benefits of cloud based storage systems?
- Information backed up securely on encrypted servers
- Often cheaper than physically storing and managing
- Convenient to send and share files
- Multiple users can access the documentation
- Synchronisation enables multiple users to work at the same time
What is the meaning of a non-disclosure agreement?
- Used to protect against the disclosure or sharing of confidential data
- Prior to sharing, the client will typically request that the recipient signs an NDA
If 2 separate departments were working for 2 rival companies, how would you ensure client sensitive data was managed?
- Inform client of the risks
- Make them aware of the COI
- Seek Letter of Instruction to continue
- Exclusivity of staff
- Use of NDA
- Single lines of communication
Who are the key persons outlined within GDPR?
Controller
- Natural person or legal entity that determines the purpose or means of processing personal data
Processor
- Process the personal data on behalf of the controller
Data Protection Officer (DPO)
- Leadership role required by EU where data of EU citizens is handled
What are the 8 individual rights under GDPR?
- Right to be informed on use of data
- Right of access
- Right to rectification
- Right to be forgotten
- Right to restrict processing
- Right to data portability
- Right to object
- Right to individual decision making and profiling
What things must companies put in place to ensure GDPR compliance?
- Raise awareness across business
- Audit all personal data
- Update privacy notice
- Review procedures supporting individuals' rights
- Review how you seek, gain and retain consent
- Appoint a Data Protection Officer
What are the 7 principles of Data Protection Act?
- Lawfulness, fairness & transparency - only use as expected and clear on what is being collected
- Purpose limitation - only collected & used for specific purposes
- Data minimisation
- Accuracy - make efforts to ensure Data is accurate & kept up to date
- Storage limitation - must not be kept for longer than necessary
- Integrity & confidentiality - measures to protect Data
- Accountability - for how Data is handled
What is GDPR? How is it related to the Data Protection Act?
General Data Protection Regulation
Transposed into UK law by DPA 2018. More transparent & accountable for data held than in 1998
What types of data do you use most commonly in your work?
- Contact details of clients, contractors, consultants
- Cost data
- Financial figures
How do you protect client data and confidential information?
- Locking laptops when away from my desk
- Ensuring filing cabinets are locked
- Don’t leave sensitive documents lying around
Does your firm use any commercial software for estimating, billing and the like? How does this benefit your firm?
- CostX
- Provides a standardised approach that all staff are familiar with and can follow
- Allows for consistency of documents so that all documents issued under the name of Arup have a uniform appearance
- Improves efficiency through measurement and cost planning processes interlinking and allows reports to be generated from the software
What is good file management?
A logical progression in structuring files. Helpful if there is a claim or dispute. Should include:
- Notes on checks for previous involvement, COI and resolutions
- Terms of engagement
- Copies of documents, plans, emails, site notes, calculations
- Records of key decisions
- Copies of deliverables to the client
What is ISO9001?
International Organisation for Standardisation
Requirements for quality management systems in providing a consistent approach in services
Audited 3 years
What is GDPR?
EU law that gives individuals more rights on control of data
General Data Protection Regulation