Data Management

Question 1

I see you have extracted data from various sources- why is it important to verify this data?

Answer 1

Relied on for advice

Question 1

When you extracted data, which principles did you follow?

Answer 1

For legitimate purposes
up to date and accurate
only kept for time needed

Question 2

what happens if you breach data protection rules? / Data Protection Act penalties?

Answer 2

Warnings for first/non compliance
less serious- £8.5m fine of 2% annual turnover
more serious -£17.5m fine or 4% global turnover- whichever is greater

Question 3

Who is the ICO?

Answer 3

Information Comissioners Office

Question 4

What data protection training have you done?

Answer 4

Internal training on data controller and data processing

Question 5

which key role did have you undertaken under GDPR key roles?

Answer 5

data contoller
data processor

Question 6

What are some of the key requirements under GDPR?

Answer 6

Individuals have the right to have it erased
breach must be reported within 72 hours where there is a loss of personal data - risk of harm to individuals

Question 7

What are some of the key GDPR principles?

Answer 7

processed lawfully in transparent manner/fair
only collected for specific and legitimate purposes
accurate and up to date
kept in a way that the subject should not be identifiable
processed to ensure security of data

Question 8

How do you keep data secure?

Answer 8

passwords
two step verification
erasing data you no longer need
anti-virus software

Question 9

How were the data bases you used within property management stored?

Answer 9

On a network

Question 10

What are the pros and cons of a subscription (4D)?

Answer 10

PROS
-access to large amounts of data
-analysis
-provide a source- verification

CONS
-limited/inconsistencies
-data inaccuracies

Question 11

Social Value Data- was this personal data?

Answer 11

No because the data was relating to a postcode, no employee name was given. Therefore, the person was not identifiable.

Question 12

EPC/LOA schedules- How did you ensure compliance with DPA 2019/UKGDPR?

Answer 12

-follow LSH training
-don’t keep data for longer than necessary

Question 13

What are the 8 individual rights under the UK GDPR?

Answer 13

-to be informed
-to access
-to erasure
-to rectification
-data portability
-restrict processing
-to object
-automated decision making/profit

Question 14

What actually is social Value?

Answer 14

positive or negative impacts
a building, place or infrastructure has on
the environment, economy or community

Question 15

What does TOMS stand for?

Answer 15

Themes, Outcomes and Measures

Question 16

What is 4D monitoring?

Answer 16

smart building technology that enables facility management stakeholders to create sustainable, energy efficient properties.

Question 17

Where is the equipment placed?

Answer 17

key plant room equipment to extract performance data (gives insight into building performance)

Question 18

What is the freedom of Information Act 2000?

Answer 18

Gives individuals the right to access information held about them by public bodies (must respond within 20 days)

Exemptions-criminal matter or COI

Question 19

What would an abnormality be in 4D equipment?

Answer 19

unusual patterns (dip/spikes) ie lights left on.

Question 20

What is done about 4D equipment not working?

Answer 20

check in’s with FM’s to detail abnormalities- might be equipment issue or something they can control ie turn heating off over weekend.

Question 21

Why did you choose those 17 measures?

Answer 21

Together with Social Value Portal identified key business milestones and what we were trying to solve:

Themes, Jobs, Growth, Social, Environment + Innovation

NT1: no of local people employed (Jobs)
NT18: total spent on local supply chain through contract (Growth)
NT32: No of car miles saved on environment (Environment)
-supporting local skills and employment
Measures not as relevant to LSH:

-no of people employed to identify and manage risk of modern slavery
-initiatives aimed at reducing crime

Question 22

Was the 30 mile distance decided by you or SVP?

Answer 22

This is decided by SVP. Their

Question 23

What are the outcomes?

Answer 23

A retrospective report is written up with outcomes- with the 17 measures LSH delivers over £63,475,992.

using their calculator.

eg 1,173 weeks of apprenticeships
31 weeks of work placements

Question 24

What did the internal data base look like?

Answer 24

Spreadsheet

Question 25

Were there any GDPR issues with collecting and storing this information- did you have to notify anyone?

Answer 25

No- it could not identify individuals
data was erased whenever report was complete.

Question 26

EPC Schedule example- how did you advise the client?

Answer 26

using database to advise client on number of EPCs needing updated.

Question 27

What is manual consumption data?

Answer 27

Tenants providing their usage (LOA providing alternate route)

Question 28

What kind of decisions would LL be able to make from tenants utility data?

Answer 28

upgrading lighting (LED), sensor lighting
energy efficient - dual flush, sensor taps
renewable energy
switching to electric boiler

Question 29

What does the 2018 Data Protection Act relate to?

Answer 29

Personal Use of Data by 3rd parties, gives individuals the right to control and be informed how their data is used.

Question 30

What are some of the benefits of a database?

Answer 30

-Efficient Management of data
-Data Analysis
-Creates a resource
-Holds data securely
-Rigid approach - improves accuracy

Question 31

What are some of the key requirements of the Data Protection Act 2018?

Answer 31

-impact assessments required for high risk holding of data

-data controller decides how/why personal data is processed
-individual rights to access and erase personal data

-data accountability- organisations need to be able to prove to ICO that they’re complying with regulations

-data breaches need to be reported to the ICO within 72 hours

-fines up to £17.5m/4% global turnover

Question 32

What is a typical storage medium?

Answer 32

flash drive / solid state

Question 33

What are some of the main issues with software?

Answer 33

Compatibility Issues
Fragile (can fail)
protection
access
Legacy issues

Question 34

What are the advantages of storing data off site?

Answer 34

A- cheaper
D- potential security risks, loss of data

Question 35

If storing data off site- what measures?

Answer 35

-Appropriate IT specialists
-Data Encryption and access restriction
-data loss prevention systems (mirror servers)
-risk assessments
-policies for mobile data management

Question 36

Key themes under the RICS Futures Report ?

Answer 36

Data / technology
ESG and Sustainability
Inclusion
Ethics and Standards

Question 37

Where can data be stored?

Answer 37

Local- attached to a physical device (only accessed from that device)
Network - (LSH use)!! accessed via multiple devices
Cloud - held off site in logical pools

Question 38

What does data accountability mean?

Answer 38

Organisations need to prove to the ICO how they comply with data regulations.

Question 39

What is a data base?

Answer 39

Organised data held electronically

Question 40

What does interrogating data mean?

Answer 40

Checking quality- spot checking

Question 41

What are some potential risks to data secutiry?

Answer 41

Malware and viruses
data phishing attacks
loss of physical devices
corruption

Question 42

What are some data security technology examples?

Answer 42

site back ups
password protection
anti-virus

Question 43

Any RICS Guidance on data handling and cyber crime?

Answer 43

Data Handling and the Prevention of Cybercrime

Question 44

What is open sourced data?

Answer 44

Used By anyone

Question 45

What does the ICO do?

Answer 45

Polices data under 4 key pieces of legislation
1.) Data Protection Act 2018
Privacy and Electronic Communications (EC Directive) Regulations 2003
Freedom of Information Act 2000
Environmental Information Act 2000

Question 46

How can you assess personal data under DPA 2018?

Answer 46

-can be phone, ideally writing
-identity confirmed
-info provided in accessible and concise format

Question 47

when must firms respond to requests for personal data?

Answer 47

1 month
3 months (only if complex)

Question 48

What is the relationship between the GDPR and the Data Protection Act?

Answer 48

UK GDPR is implemented by the Data Protection Act