Data Management

Question 1

What is ICO?

Answer 1

Information Commissioner Office

Question 2

What does ICO do?

Answer 2

All companies processing personal information must register with ICO under Data Protection 1998

Question 3

What is the Data Protection Act 2018?

Answer 3

Gives people to the right to know how the government and other organisations store information about you

UK implementation of GDPR

Question 4

What are the 7 key principles to GDPR?

Answer 4

Lawfulness, fairness and transparency
Purpose limitation
Data minimisation
Accuracy
Storage limitation
Integrity and confidentiality (security)
Accountability

Question 5

Define confidentiality?

Answer 5

Confidence to share but not without permission

Question 6

What is meta data?

Answer 6

Information regarding specific data such as planning documents

Includes author, dates, rules size

Not to be shared

Question 7

What is intellectual property and copyright?

Answer 7

Controlled use and ownership of information

E.g employees work is owned by the employer unless copyright

Licence provided to use and reproduce

Question 8

What is Freedom of Information Act 2005?

Answer 8

Controls access to official information

Public right to access information held by public authorities

All information held

Overseen by Information Commissioners Office

Question 9

How to use a cloud based storage system and benefits?

Answer 9

Backs up on encrypted servers
Online accesss
Cheap
Enables sharing
Environmentally friendly
Multi users permitted
Documents and folders synchronised

Question 10

What is an NDA?

Answer 10

Non-disclosure agreement

Protects disclosure and sharing of data

Prior to sharing data an agreement is reached

Question 11

What is the Data Protection Act 2018?

Answer 11

Replaces 1998 legislation for managing personal data

Uk legalisation of EU General Data Protection Regulations

Question 12

What are the principles for Data Protection Act 2018?

Answer 12

Ensures data is:
- used fairly, lawfully and transparently
- used for purpose
- only retained when necessary
- processed securely

Question 13

What are your personal rights under Data Protection Act 2018?

Answer 13

Right to:
- be informed on the use
- right to access
- right to be updated
- right to erase
- right to stop/restrict
- right to portability
- right to object use

Question 14

What are the key persons of GDPR?

Answer 14

Controller - determines purpose and means of processing

Processor - processes on behalf of controller

Data protection officer - required by EU GDPR

Question 15

What is a data protection officer?

Answer 15

Required by EU under GDPR
Process EU citizens data
Oversee the approach, strategy and implementation

Question 16

Types of data used?

Answer 16

Guidance notes
Contracts
Tenders
Cost plan
Valuation data
Journals
Sub contractor information

Question 17

How to ensure compliance with Data Protection Act 2018?

Answer 17

Non-disclosure agreement for confidential information
Lockable storage
Password protection
Encryption
Consent

Question 18

How do companies ensure compliance?

Answer 18

Only retain data needed
Inform person of use and advise why
Store securely
Delete when not needed

Question 19

Outline what GDPR is?

Answer 19

Correction = change data
Portability = transfer
Evasive = delete
Access = know what is collected and how
Consent = consumer informed

Question 20

What are the principles of Article 5 of GDPR?

Answer 20

Personal data shall be:
- processed lawfully, fairly and transparently
- collected for legitimate purpose
- relevant and limited to what it is necessary in related to
- kept up to date and accurate
- kept securely to identify data no longer necessarily for purpose
- processed to ensure security

Question 21

Types of communication?

Answer 21

Graphs
Photos
Schedules
Maps
Property reports
Data storage
Benchmarking
Security

Input data = property records

Output data = rental info

Question 22

Cycle of documents?

Answer 22

Compose
Capture
Review
Approve
Retrieve
Archive

Question 23

What is personal data?

Answer 23

Under Uk GDPR Article 4:personal data is information relating to an identified or identifiable natural person
Name
Identification number
Location data
Online identifier

Question 24

What are the fines for non-compliance with GDPR?

Answer 24

4% of annual global turnover or 20m

Question 25

Types of data source

Answer 25

Primary - time consuming and expensive

Secondary - not as reliable

Question 26

How to handle 2 departments within one firm acting for two rival firms need to ensure management of data?

Answer 26

• ensure client is aware and informed
• conflicts of interest
• obtain letter of instruction
• exclusive staff access
• NDA
• separate working in different locations
• documents and data store separately

Question 27

What can companies put in place to ensure GDPR compliance

Answer 27

Raise awareness across staff
Audit personal data
Update privacy notice
Review procedures
Identify and document legal basis for processing data
Review how you seek, obtain and record consent

Question 28

How do Coop manage and protect data?

Answer 28

Secure storage
Back up documents
Sharing/confidentiality of documents
Common data standards
Formatting/standardising reports
Data sharing with internal/external teams
Paper form/ digital

Question 29

What does it mean to be GDPR complaint?

Answer 29

Requirement for business to protect personal data and privacy of EU citizens

Question 30

How long does Lincolnshire Coop hold data?

Answer 30

7 years from end of relatiohip

Question 31

What is ISO27001?

Answer 31

International information Security Standard which outlines requirements for how a company should implement an information security management system.

This a governance framework for activities that allows a company to manage its information security risks

Question 32

What is data?

Answer 32

Raw facts
Unorganised
Primary
Basic inputs

Question 33

What is information?

Answer 33

Organised data which has been processed and structured
Secondary

Question 34

Why collect data?

Answer 34

As a record
Obtain information
Make decisions
Pass on

Question 35

Types of data?

Answer 35

Cost data
Market prices
Material costs
Budgets
Cash flows

Question 36

What is internal data?

Answer 36

Owned by company

Question 37

What is external data?

Answer 37

Stats
Market information

Question 38

How to protect data?

Answer 38

Access restrictions
Password
Scan, save, shred
Back up
Firewalls
Anti virus

Question 39

Principles of data management

Answer 39

Data is:
An asset
Shared
Accessible
Secure
Not duplicate
Fit for purpose

Question 40

Data management process

Answer 40

Collection
Share
Store
Access
Reassign
Delete

Question 41

What is tacit knowledge?

Answer 41

Knowledge gained through experience

Question 42

What is EDMS

Answer 42

Electronics document management system

Question 43

Benefits of EDMS?

Answer 43

High security
Data retrieval easier
Time save
Effective control
Share information

Question 44

Disadvantage of EDMS

Answer 44

Higher cost
Specialist training
Online security
Complex use
System errors

Question 45

Advantage/disadvantage of traditional management systems?

Answer 45

Adv - less cost, no specialist training, simple and user friendly, no online threat

Disadvantage - staff to upload, high cost, paper waste, time consuming, more space needed