Data Management

Question 1

How long do you need to keep data for?

Answer 1

• 6 years if the contract is signed underhand
• 12 years if the contract is signed as a deed
• RICS recommends up to 15 years, this is the limitation period for most legal claims

Question 2

What type of data systems are used in your organisation?

Answer 2

• Shared hard drives
• Backup servers
• Online storage systems such as Dropbox
• Software such as Microsoft Teams
• Project extranet

Question 3

What is a project extranet system?

Answer 3

A computer network that allows external parties to view project files on a secure platform.

Key Advantages:
- Improves communication
- 24-hour access
- Efficient
- Secure (access and permission settings can be applied)

Key Disadvantages:
- Can be expensive
- Requires maintenance
- May require user training to operate

Question 4

What are the benefits of cloud-based systems?

Answer 4

• Easy access anywhere in the world
• Secure/password protected
• Low set-up cost
• Teams can work in ‘real time’
• Access control/restrictions are available for confidential files and folders

Question 5

What sources of pricing data are available?

Answer 5

• BCIS
• Pricing books such as Spon’s
• Benchmarking
• In-house records and databases

Question 6

What is BCIS?

Answer 6

• Building Cost Information Service
• Provides cost and price data for the UK construction industry. The data will help to produce specific estimates for option appraisals, provide early cost advice and plan costs and benchmarks.
• Part of RICS

Question 7

What is the Data Protection Act 2018?

Answer 7

• The Data Protection Act 2018 controls how your personal information is used by organisations, businesses, or the government.
• The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR)

Question 8

What is GDPR?

Answer 8

GDPR is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas.

Question 9

Who are the key persons outlined within GDPR?

Answer 9

• Data controller - person who decides how and why to collect and use the data. The controller must make sure that the processing of that data complies with data protection law.
• Data processor
• Data subject
• Data Protection officer

Question 10

What is the purpose of GDRP?

Answer 10

• GDPR was designed to harmonise data privacy laws across all member countries as well as provide greater protection and rights to individuals.
• GDPR was also created to alter how businesses and other organisations can handle the information of those who interact with them. There’s the potential for large fines and reputational damage for those found in breach of the rules.

Question 11

What constitutes personal data?

Answer 11

Any information related to a natural person or ‘Data Subject’, that can be used to identify the person directly or indirectly. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medial information, or a computer IP address.

Question 12

What is the difference between a data processor and a data controller?

Answer 12

A controller is the entity that determines the purposes, conditions and means of the processing of personal data, while the processor is an entity which processes personal data on behalf of the controller.

Question 13

What are the 7 key principles of GDPR?

Answer 13

1. Lawfulness, fairness and transparency
2. Purpose limitation
3. Data minimalisation
4. Accuracy
5. Storage limitation
6. Integrity and confidentiality (security)
7. Accountability

Question 14

What are the 8 individual rights under GDPR?

Answer 14

1. To be informed
2. To access
3. To rectification
4. To erasure
5. To restrict processing
6. To data portability
7. To object
8. To automated decision making and profiling

Question 15

Who enforces GDPR?

Answer 15

The Information Commissioner’s Office