Data management Flashcards

1
Q

What are the data security technologies available?

A
  1. Disk encryption
  2. Regular backups offsite
  3. Password protection
  4. Use of anti-virus software protection
  5. Firewalls and disaster recovery procedures
2
Q

What is copyright?

A

A set of exclusive rights granted to the author or creator of any original work including the right to copy.

These rights can be licensed, assigned or transferred.

Form of intellectual property.

3
Q

What is Crown Copyright?

A

Refers to all material created and prepared by the Government, such as laws, public records, official press releases and OS mapping

4
Q

What does GDPR stand for?

A

General Data Protection Regulation 2016

5
Q

What is the Data Protection Act 2018?

A

UK’s implementation of GDPR

6
Q

What does the Data Protection Act 2018 cover?

A

The Act is a complete data protection system so as well as governing personal data covered by GDPR, it covers all other general data

7
Q

What did the Data Protection Act 2018 replace?

A

Data Protection Act 1998

8
Q

When did the Data Protection Act 2018 come into force?

A

25th May 2018

9
Q

What does the Data Protection Act 2018 aim to do?

A

To create a single data protection regime for anyone doing business in the EU and to empower individuals to take control of how their data is used by third parties.

10
Q

What is the ICO?

A

Information Commissioner’s Office

11
Q

How long do companies have to report data security breaches to the ICO?

A

72 hours

12
Q

What are some of the obligations under the Data Protection Act 2018?

A

There is an obligation to conduct data protection impact assessments for high risk holding of data

13
Q

What are the fines?

A

4% of global turnover or 20 million euros (whichever is greater)

14
Q

Article 5(2) requires that the controller shall be responsible for what?

A

for and be able to demonstrate, compliance with principles

15
Q

What are the 8 individual rights under GDPR?

A
  1. Right to be informed
  2. Right of access
  3. Right of rectification
  4. Right to erasure
  5. Right to restrict processing
  6. Right to data portability
  7. Right to object
  8. Right to automated decision making and profiling
16
Q

What is the Freedom of Information Act 2000?

A

It gives individuals the right of access to information held by public bodies

17
Q

The public body is required to supply the information within what period?

A

Normally 20 working days in the format requested

18
Q

What exceptions are there to the Freedom of Information Act 2000?

A
  1. Contrary to the GDPR requirements
  2. It would prejudice a criminal matter under investigation or a person's/organisation's commercial interests
19
Q

How can the security of electronic data be improved?

A
  1. Firewalls
  2. Encryption
  3. Passwords
20
Q

What is the purpose behind the RICS Professional Statement on Data Handling and Prevention of Cybercrime?

A

Covers best practice and mandatory obligations with which RICS professionals and regulated firms must comply.

It addresses how surveyors capture, store and share data appropriately and securely and it is likely to mandate policies, practices and training for all regulated firms and members.

21
Q

What is a Subject Access Request?

A

When a user requests information under Article 15 of GDPR

22
Q

If a tenant would like access to some CCTV footage, what is required?

A

Subject Access Request

Liaise with data protection officer on what is required and what can be given

23
Q

What is a firewall?

A

Network security system that monitors and controls incoming and outgoing network traffic, based on predetermined security rules

24
Q

What is encryption?

A

Mathematical function that codes data so only authorized users can access it

Makes readable text unreadable unless a code or decryption key is known

25
Q

What are the principles of GDPR and DPA 2018?

A
  1. Information must be used lawfully and transparently
  2. Information must be collected for a legitimate and specified purpose
  3. Information must be adequate and limited to necessity
  4. Information must be accurate and kept up to date
  5. Information must be kept safe and no longer than necessary
26
Q

What are the obligations of GDPR?

A
  1. Must have knowledge of the data you store and process
  2. Must be able to delete every instance of an individual's data
  3. Must demonstrate compliance in managing data
  4. Must offer data portability
  5. Must be able to prove how information is being processed
27
Q

How do you treat / manage confidential information?

A
  1. Conduct data reviews
  2. Anonymise data where possible
  3. Encrypt data where possible
  4. Treat commercial data as personal data
  5. Understand what data we hold and how it is processed
  6. Password protection and secure data sites
  7. Use of firewalls
  8. Have a breach policy response
28
Q

What other legislation is there relating to data management apart from GDPR and Data Protection Act 2018?

A

Freedom of Information Act 2000

Limitation Act 1980

29
Q

How long can you hold data for?

A

No specific time limit – GDPR says no longer than necessary. Organisation's privacy policy should dictate

As short as possible and as agreed with the data subject

30
Q

Why was GDPR introduced?

A

To consolidate data protection laws across EU member countries and provide greater protection and rights to individuals

31
Q

Why is it important that data is uploaded correctly?

A

To ensure protection of individuals' data and compliance with legislation

32
Q

When are you allowed to upload data / share data? How did you know you were allowed to do this?

A

Firm's privacy notice dictates what data we hold, how it is processed and also how and when we might share with a third party and which third party it would be shared with.
For example, at the sale of a property.
This privacy notice is issued to all tenants.

33
Q

How have consent conditions been strengthened under GDPR?

A
  1. Consent must be clear and indistinguishable from other matters
  2. Consent must be provided in an intelligible and easily accessible form, using clear and plain language
  3. Must be as easy to withdraw consent as it is to give consent
34
Q

When can an individual request for their information to be deleted?

A
  1. If an individual's data has been unlawfully processed
  2. If an individual's data is no longer necessary for the purpose it was originally collected
35
Q

What is privacy of design and is it a legal requirement?

A

Implementation of security systems into the original design of management systems as opposed to later additions – yes it’s a legal requirement

36
Q

List the 7 key principles of GDPR?

A
  1. Lawfulness, fairness and transparency
  2. Purpose Limitation
  3. Data minimisation
  4. Accuracy
  5. Storage Limitations
  6. Integrity and Confidentiality
  7. Accountability
37
Q

How long can you hold data for?

A

Shortest time is 6 years for accounting VAT/tax purposes but the Limitation Act 1980 provides for a period of up to 15 years for a professional negligence claim.

Depends on different factors though such as, do they include any original contracts or leases, do they relate to a current project, do you need them to justify your fees, are the files relevant to any disputes and are they needed for any litigation.

38
Q

If an assignment completed on a lease, please can you confirm how long you should hold the assignor information for on the system?

A

Would depend on the terms of the assignment

Is there an AGA in place, if so you would hold the assignor details until the end of the lease and then 6 plus one year.

Same for privity of contract

Could also argue you can hold details until arrears are cleared in full

39
Q

What are CPSEs?

A

Commercial Property Standard Enquiries

40
Q

What constitutes personal data?

A

Information relating to a person to identify that person

e.g. names, photo, email, bank details, IP address

41
Q

Give some examples of personal data and how they apply to property companies.

A
  1. Data relating to investors
  2. Data relating to fund managers / Clients
  3. Valuations
  4. Compliance
  5. Bookkeeping payroll
  6. Background checks
  7. HR
  8. Tenant information
42
Q

What organisations are exempt from GDPR?

A
  1. Exceptions for organisations with fewer than 250 employees
  2. Private individuals not engaged in business activities
43
Q

What is your firm's data protection policy?

A
  1. Follow legislation
  2. Suspected breaches should be reported to the individual line managers or firm's data protection officer
44
Q

How do you apply your firm's data protection policy?

A
  1. I ensure I have an understanding of sensitive and protected data
  2. I don’t send sensitive or protected data unless it is to the individual
  3. Anonymise information where possible
  4. I report suspected breaches
45
Q

Who regulates GDPR in the UK?

A

The Information Commissioner's Office

46
Q

What are the obligations imposed by GDPR?

A
  1. MUST have knowledge of the data you store and process (including its location and security)
  2. MUST be able to delete every instance of individual's data
  3. MUST demonstrate compliance in managing data
  4. MUST be able to prove how information is being used
  5. MUST offer data portability
47
Q

What are the RICS best practice guidance points for GDPR compliance?

A
  1. Conduct data reviews to understand risks
  2. Anonymise data where possible
  3. Encrypt where possible
  4. Create breach policy response
  5. Treat commercial data as personal data
  6. Understand data processes
48
Q

Give me an example of how you process and handle confidential information?

A
  1. Use document systems to add, amend and remove information
  2. Upload files to secure data room
  3. Anonymise information
  4. Password protection to access files
49
Q

What should be included in a firm's privacy notice?

A
  1. What information you have
  2. What information will be used for
  3. Which third parties you may share information with
  4. How long information is being kept for
  5. What legal right the firm has