Data Management

Question 1

What is the Data Protection Act 2018?

Answer 1

Replaces the 1998 legislation and controls how personal information is used by organisations, businesses, or the government

Designed to protect personally identifiable information (personal data).

Complete data protection system as well as the UK’s implementation of EU General Data Protection Regulation (GDPR).

Question 2

How do you ensure data is protected and secured?

Answer 2

I would make sure to follow my company’s data protection policy. This includes:

Locking my computer when away

Paper free desk and using my locker for confidential information

Use shredder for documents

Question 3

What is BCIS?

Answer 3

Building Cost Information Service

Cost and price information is collected by BCIS from across the UK construction industry, then collated, analysed, modelled, interpreted, and made available to the industry to facilitate accurate cost planning.

Question 4

What is SPONS

Answer 4

Price book for accurate price data for the UK construction industry.

Question 5

What amendments/checks are needed before using in house data?

Answer 5

I ensure its relevant information in terms of scope/size etc

Use location/date indices to bring it to present day

if I’m using it for benchmarking, I hide names of the project/ensure client is okay with me using the data

Question 6

How does Socotec collect, analyse and store data?

Answer 6

BQ information stored on dropbox or hard copy files

Analyse to ensure you have permission for the correct purpose e.g. hold information for a project, but don’t want marketing updates. Day to day analyse data, and using costs from previous projects.

Organised by project, with defined filing structure and sub-folders

Question 7

How do electronic databases work?

Answer 7

Store files in an online server that is backed-up

Select files are only shared with relevant members of the team

Question 8

What happens to GDPR post brexit?

Answer 8

It is part of UK law

Question 9

What are the principles of GDPR?

Answer 9

1) Lawfulness, fairness, and transparency
* Tell the subject what data processing will be done

2) Purpose limitation
* Personal data can only be obtained for specific, explicit, and legitimate purposes

3) Data minimisation
* Data collected on a subject must be adequate, relevant, and necessary

4) Accuracy
* Data must be accurate and kept up to date

5) Storage limitation
* Personal data is kept in a form which permits identification of data subjects for no longer than required

6) Integrity and confidentiality
* Protect against unlawful processing, accidental loss, destruction, or damage

7) Accountability
organisations must provide evidence that steps have been taken to demonstrate compliance. This is achieved by appointing a data protection officer, evaluating current practices, and creating a personal data inventory.

Question 10

What happens if you breach GDPR?

Answer 10

Fines upto £18m or 4% of turnover for breaches
Breaches of GDPR - 72 hours to notify information commissioners office

Question 11

What is GDPR?

Answer 11

Give greater protection and rights to individuals -updated due to technology advances

Applies to organisations that collect, store, or process the personal information of individuals residing in the EU

Large data controllers must appoint data protection officers

Question 12

Difference between data protection act 2018 and 1998?

Answer 12

Implementation of GDPR

Identification of a right to erasure stemming from the right to privacy of individuals