Data Management Flashcards

1
Q

What is GDPR?

A
  • General Data Protection Regulation
  • EU’s GDPR no longer applied to UK but new UK GDPR basically the same
  • UK GDPR is covered by the Data Protection Act (2018)
  • Aims to create a single data protection regime affecting businesses
  • Empowers individuals to take control of how their data is used by third parties
2
Q

What are the key requirements of GDPR?

A
  • Obligation to conduct data protection impact assessments for high risk holding of data
  • New rights for individuals to have access to information on what personal data is held and to have it erased
  • Data protection officer oversees GDPR compliance and decides how and why personal data is processed
  • Data accountability – organisations can prove to the ICO how they comply with new regulations
  • Data security breaches need to be reported to ICO within 72 hours
3
Q

What are the penalties?

A

Up to 4% of the company's global turnover or £17.5 million (whichever is the greater)

4
Q

Who is the GDPR policed by?

A

Information Commissioner's Office (ICO)

5
Q

What are the individual rights under the UK GDPR?

A
  • Right to be Informed
  • Right to Access
  • Right to Erasure
  • Right to Object
  • Right to Data portability (to use for their own purposes)
  • Right to Restrict processing
  • Right to Rectification
  • Right to Automated decision making and profiling (as undertaken by insurance firms)
6
Q

What are the principles of the UK GDPR relating to storing personal data?

A
  • Article 5(1):
    o Processed lawfully, fairly and transparently
    o Collected for specified, explicit and legitimate purposes
    o Adequate, relevant and limited to what is necessary for the purposes for which they are processed
    o Accurate and where necessary kept up to date
    o If inaccurate must be erased or rectified without delay
    o Kept in a form which permits identification for no longer than necessary
    o Processed in a manner that ensures appropriate security of the personal data
  • Article 5(2):
    o Controller should be responsible for and be able to demonstrate compliance with the principles
7
Q

What is the Freedom of Information Act (2000)?

A
  • Gives individuals the right of access to information held by public bodies
  • Public body must tell if they hold the information
  • Public body is required to supply it in 20 working days in the format requested
  • It can charge for the provision of the information
8
Q

What are the exemptions of the Freedom of Information Act (2000)?

A
  • Contrary to the GDPR requirements
  • It would prejudice a criminal matter under investigation
  • It would prejudice a person’s/firm’s commercial interest
9
Q

What is encryption?

A

Process of encoding a message so only authorised parties can access

10
Q

What is a firewall?

A

Security system that monitors and controls incoming and outgoing traffic from your network. It prevents unauthorised access

11
Q

What is an NDA?

A

Non-disclosure agreement – legally binding contract that requires parties to keep information confidential

12
Q

What happens if an NDA is breached?

A

The party that was harmed from the breach can take legal action to enforce the agreement and seek damages for losses incurred

13
Q

What RICS Professional Standard has been proposed that relates to data management?

A
  • RICS Professional Standard on Data Handling and Prevention of Cybercrime – best proactive and mandatory obligations
  • How surveyors capture, store and share data appropriately and securely
14
Q

How do you ensure the security of your data?

A
  • Password protected devices
  • Anti-virus software
  • Regular backups off site
  • Firewalls
  • Disaster recovery procedures
  • Store paperwork you no longer need in locked cupboards
  • Encryption in your emails
  • NDA
15
Q

How is HG GDPR compliant?

A
  • Secure website to prevent personal data from unauthorised access, breach or theft
  • Get consent for emails for mailing lists
  • Store information for 6 years
  • Data Handling Officer
  • Prepare action for handling data breaches
16
Q

Whose responsibility is data protection?

A

Every individual working at HG must ensure that information is used and collected in a lawful, fair and transparent way. The Data Protection officer is there to monitor everyone acting in compliance with the act and for people to seek guidance

17
Q

What is special data and how do you process this?

A
  • Special data is personal data which GDPR says is more sensitive and so needs more protection (e.g. race, sexuality, political opinion)
  • Should not process special categories of data or make assumptions to influence business decisions
18
Q

Who owns personal data?

A

The subject person the data is about

19
Q

What is data?

A

Facts and statistics collected for reference or analysis

20
Q

What is copyright?

A
  • A set of exclusive rights granted to the author of any original work, including the right to copy
  • These rights can be licensed, assigned or transferred
21
Q

What does the crown copyright refer to?

A

All materials created and prepared by the government, such as laws, public records, OS mapping

22
Q

Did you have permission to use that image?

A

Yes because I have provided attribution to Google. They allow the fair use of their data

23
Q

What is the significance of managing and storing accurate records of data and can you give an example of when you have done that?

A

I utilize various databases such as CoStar and EGI for data collection. I acknowledge that each of them varies in terms of accuracy. When I am conducting a rent review or lease renewal, I gather my comparable evidence through these sites which provide me with the details of historic deals. I fully comprehend the limitations in the accuracy of these databases as well as the importance of relying on trustworthy and pertinent sources