Data Management Flashcards

1
Q
  1. Can you name the recently introduced regulations set out to control how companies manage data they hold?
A

General Data Protection Regulations (Data Protection Act 2018 is UK’s implementation of it)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Can you name the legislation this is supported by?

A

Data protection Act 2018

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the seven principles set out in the GDPR? You do not need to name all, just 3 or 4.

A

“Make sure that information is:
- used fairly, lawfully and transparently
- used for specified, explicit purposes
- accurate and, where necessary, kept up to date
- kept for no longer than is necessary”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is the “Golden Thread”?

A

The golden thread is both: the information about a building that allows someone to understand a building and keep it safe, and. the information management to ensure the information is accurate, easily understandable, can be accessed by those who need it and is up to date.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Explain the role of duty holder and acountable person?

A

The duties will be placed on those who commission building work, participate in the design and construction process and those who are responsible for managing structural and fire safety in the building when it is occupied.

These people will be called dutyholders during design, construction phase. When a building is occupied, the Accountable Person will be responsibly for coordinating the golden thread of safety information and keeping the golden thread updated and ensuring it is accurate and accessible. If there are multiple Accountable Persons then the Principal Accountable Person will take lead responsibility for the golden thread. When a building is being refurbished this may involve both dutyholders, the Principal Accountable Person and Accountable Persons, as many buildings will remain occupied during refurbishment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the Data Protection Act 2018 and what is its purpose?

A
  • The UK’s implementation of the General Data Protection Regulation (GDPR)
  • Controls how personal information is used by organisations, businesses or the Government.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Can you name any of the eight principles related to the protection, processing, and movement of data in the Data Protection act 2018?

A

1 – Fair and Lawful
2 – Purposes
3 – Adequacy
4 – Accuracy
5 – Retention
6 – Rights
7 – Security
8 – International transfers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Key duty holders in GDPR & key obligations.

A

The information commissioner
Data controllor (within a firm) is reponsible for GDPR

Firms must undertake data impact assesments on high risk data holding.
data breaches refered to ICO within 72 hours
Fines can be 4% of global turnover or 20m euros whatever is higher.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are the 6 Key Principles of GDPR?

A

Information used lawfully, fairly and transparently
◼ Collected for specified, explicit and legitimate purposes
◼ Adequate, relevant and limited to necessity
◼ Accurate (kept up to date)
◼ Kept no longer than necessary
◼ Kept safe

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Individual Rights of GDPR and DPA (8 Key Points)

A

◼ To be informed
◼ To access
◼ To rectification
◼ To erasure
◼ To restrict processing
◼ To data portability
◼ To object
◼ To automated decision making & profiling

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

GDPR and DPA Penalties

A

Fines (4% of annual global turnover or 20 million euros)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are the 7 principles of GDPR?

A
  • Lawfulness, fairness and transparency.
  • Purpose limitation.
  • Data minimisation.
  • Accuracy.
  • Storage limitation.
  • Integrity and confidentiality (security)
  • Accountability.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are the Key principles of GDPR?

A
  • Lawful fair and transparent
  • Purpose limitation
  • Data minimisation
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality
  • Accountability
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Why is Data Management important in
the your area of practice?

A

 Financial management
 Forecasting
 CRM
 Statistical Analysis
 Report Writing
 Tendering Success
 Fee pricing
 Organisational Management
 Legal implications
 Planning
 CPD
 Research

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

 Where do you get information or data from in your area of practice?
 How do you use that data?

A

 GDPR
 Price books
 Tenders
 Property sales records
 Companies House
 Land registry
 Electoral Register
 Government departments
 Membership records
 Internet
 CRM (ACT)
 Data collection companies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What systems are there available for the management of information or data in your area of practice?

A

Examples of systems to collect data:

Clip-boards
 Hand-helds
 Cameras
 Lap-tops
 Census forms
 Surveys (on-line)
 Mapping (OS)
 Lasers
 Satellites
 Infra red surveys

Examples of data management systems

 Software
 Excel
 Sage ACT
 Databases
 Outlook
 Hard
 Data storage facilities
 Property records
 Banks
 Books
 Librarie

17
Q

Why is data management important in a
legal sense?

A

Legal / contractual / professional issues

 FOI Act
 Data Protection Act (8 Principles)
 GDPR
 Storage time frames of legal
documentation
 6 years for VAT
 Various time frames from 3
to 15 years
 RICS CPD requirements?

18
Q

How is GDPR affecting your
role/company?

A

 Used fairly and lawfully
 Used for limited, specifically
stated purposes
 Used in a way that is adequate,
relevant and not excessive
 Accurate
 Kept for no longer than is
absolutely necessary
 Handled according to people’s
data protection rights
 Kept safe and secure
 Not transferred outside the
European Economic Area without
adequate protection