Data Management Flashcards
What is your understanding of the term confidentiality
Where information is provided but is subject to confidence and not shared without permission
What is your understanding of the term meta data and why is this important
- Meta Date is information about a specific piece of data
- For example when sharing a cost planning document, the meta date associated with this could consist of information about the author, file size, date the document was created
- We must ensure that this meta data is afforded the same level of care as all other confidential date
What is you understanding of intellectual property and copyright
- This is the right to control and use the ownership of original works
- Work generally created by an employee usually belongs to their employer unless copyrights are put in place
- It is common within construction for a client to be granted license for use and reproduction of copyright material which should be clearly defined
- This could be the right to use a particular design by a subcontracting specialist who retains control of the original copyright
What is the Freedom of information act 2005
- This is the primary piece of UK legislation that controls the access to official information
- The act permits the public right of access to information help by public authorities.
- Information must also be published through the public authorities publication scheme
- The act covers all information held and not just information since the act came into effect
What are the benefits of cloud storage
- Information is backed up securely on servers
- Accessibility can be managed via online settings
- cloud systems are often cheaper than physical storage
- cloud systems are environmentally friendly
What is the meaning of a non-disclosure agreement
- Non-disclosure agreements are used to protect against the disclosure or sharing of any confidential data
- Prior to the confidential data being shared with a recipient, clients will typically request that the recipient signs up to an NDA
- They are often used when confidential. sensitive, innovative or intellectual property information is being shared to prevent this information being used by its competitors
If two separate departments within your firm were working for two rival firms how would you ensure client data was managed?
- I would make the clients aware of the risks involved and check their understanding of the conflict of interest
- I would ensure a letter of instruction to continue was obtained from both clients
- Exclusivity of staff would be arranged
- Non disclosure agreements could be used
- Separate geographical locations should be used.
- Separate document storage documents
What is the Data Protection Act 2018
- The act replaces the previous 1998 legislation and manages how personal data is processed by organisations and the government
- It is the UK legislations for the implementation of the EU General Data Protections Regulations (GDPR)
What are the key principles of the Data protection Act 2018
the act ensures that data is
- Used fairly, lawfully and transparently
- Used in a way that is adequate, relevant and limited to only the purpose it is intended
- Is retained for no longer than is necessary
- Processed securely included the protection against unlawful use, loss or destruction
What are a persons rights the under the Data Protection Act
People have the right to:-
- To be informer about how their data is being used
- The right to access their data
- The right to have incorrect information updated
- To have their data erased
- To stop or restrict the processing of their data
- The right of portability
- To object the use of their data
Who are the keypersons outlined within GDPR
Controller
- The controller is the natural person or legal entity that determines the purposes and means of the processing of personal data
Processor
- A natural person or legal entity that processes personal data on behalf of the the controller for example a call centre acting on behalf of its client
Data Protection Officer (DPO)
- The data protection Officer is a leadership role required by EU GDPR. This role exists within companies that process the personal data of EU citizens.
What are the 8 individual rights under GDPR
- The right to be informed
- the right of access
- The right of rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights of automated decision making and profiling
- Diversity, Inclusion and Team working
What sources of information do you use in your day to day
- RICS guidance Notes
- Contract documentation
- Previous Tenders
- Cost Plans
- Valuation data
- Industry Journals
- Specialist sub contractor information
How do you manage these sources of information to ensure compliance with legislation
- If signed up to an NDA with a client i ensure complete confidentiality and I am not able to talk about these project with colleagues who are not party to the project
- I use lockable and secure document storage for hard copy documents. The electronic information is kept securely on encrypted servers
- I lock my computer when im away from my desk and change my password often
How do companies ensure compliance with data protection legislation
- Only retain data they need
- If they are retaining data they should ensure that the person is kept informed as to why they have it