Data Management

Question 1

What is your understanding of the term confidentiality

Answer 1

Where information is provided but is subject to confidence and not shared without permission

Question 2

What is your understanding of the term meta data and why is this important

Answer 2

• Meta Date is information about a specific piece of data
• For example when sharing a cost planning document, the meta date associated with this could consist of information about the author, file size, date the document was created
• We must ensure that this meta data is afforded the same level of care as all other confidential date

Question 3

What is you understanding of intellectual property and copyright

Answer 3

• This is the right to control and use the ownership of original works
• Work generally created by an employee usually belongs to their employer unless copyrights are put in place
• It is common within construction for a client to be granted license for use and reproduction of copyright material which should be clearly defined
• This could be the right to use a particular design by a subcontracting specialist who retains control of the original copyright

Question 4

What is the Freedom of information act 2005

Answer 4

• This is the primary piece of UK legislation that controls the access to official information
• The act permits the public right of access to information help by public authorities.
• Information must also be published through the public authorities publication scheme
• The act covers all information held and not just information since the act came into effect

Question 5

What are the benefits of cloud storage

Answer 5

• Information is backed up securely on servers
• Accessibility can be managed via online settings
• cloud systems are often cheaper than physical storage
• cloud systems are environmentally friendly

Question 6

What is the meaning of a non-disclosure agreement

Answer 6

• Non-disclosure agreements are used to protect against the disclosure or sharing of any confidential data
• Prior to the confidential data being shared with a recipient, clients will typically request that the recipient signs up to an NDA
• They are often used when confidential. sensitive, innovative or intellectual property information is being shared to prevent this information being used by its competitors

Question 7

If two separate departments within your firm were working for two rival firms how would you ensure client data was managed?

Answer 7

• I would make the clients aware of the risks involved and check their understanding of the conflict of interest
• I would ensure a letter of instruction to continue was obtained from both clients
• Exclusivity of staff would be arranged
• Non disclosure agreements could be used
• Separate geographical locations should be used.
• Separate document storage documents

Question 8

What is the Data Protection Act 2018

Answer 8

• The act replaces the previous 1998 legislation and manages how personal data is processed by organisations and the government
• It is the UK legislations for the implementation of the EU General Data Protections Regulations (GDPR)

Question 9

What are the key principles of the Data protection Act 2018

Answer 9

the act ensures that data is
- Used fairly, lawfully and transparently
- Used in a way that is adequate, relevant and limited to only the purpose it is intended
- Is retained for no longer than is necessary
- Processed securely included the protection against unlawful use, loss or destruction

Question 10

What are a persons rights the under the Data Protection Act

Answer 10

People have the right to:-
- To be informer about how their data is being used
- The right to access their data
- The right to have incorrect information updated
- To have their data erased
- To stop or restrict the processing of their data
- The right of portability
- To object the use of their data

Question 11

Who are the keypersons outlined within GDPR

Answer 11

Controller
- The controller is the natural person or legal entity that determines the purposes and means of the processing of personal data

Processor
- A natural person or legal entity that processes personal data on behalf of the the controller for example a call centre acting on behalf of its client

Data Protection Officer (DPO)
- The data protection Officer is a leadership role required by EU GDPR. This role exists within companies that process the personal data of EU citizens.

Question 12

What are the 8 individual rights under GDPR

Answer 12

• The right to be informed
• the right of access
• The right of rectification
• The right to erasure
• The right to restrict processing
• The right to data portability
• The right to object
• Rights of automated decision making and profiling
• Diversity, Inclusion and Team working

Question 13

What sources of information do you use in your day to day

Answer 13

• RICS guidance Notes
• Contract documentation
• Previous Tenders
• Cost Plans
• Valuation data
• Industry Journals
• Specialist sub contractor information

Question 14

How do you manage these sources of information to ensure compliance with legislation

Answer 14

• If signed up to an NDA with a client i ensure complete confidentiality and I am not able to talk about these project with colleagues who are not party to the project
• I use lockable and secure document storage for hard copy documents. The electronic information is kept securely on encrypted servers
• I lock my computer when im away from my desk and change my password often

Question 15

How do companies ensure compliance with data protection legislation

Answer 15

• Only retain data they need
• If they are retaining data they should ensure that the person is kept informed as to why they have it