Data Management Flashcards
What are the benefits of cloud-based storage systems?
Information is backed up securely on encrypted servers
Accessibility can be managed via online settings
Cloud systems are often cheaper than the costs of physically storing and managing files
It is convenient to send and share files online instead of mailing physical copies
Cloud systems are environmentally friendly
Multiple users can access the same documents
Documents and folder systems can be synchronised
What is the meaning of a non-disclosure agreement?
Non-disclosure agreements are used to protect against the disclosure or sharing of any confidential data.
Prior to the confidential data being shared with a recipient, clients will typically request that the recipient signs up to an NDA.
They are often used when confidential, sensitive, innovative or intellectual property information is being shared to prevent this information being used by competitors.
If two separate departments within your firm were working for two rival companies how would you ensure client sensitive data was managed?
Make client aware of risks involved.
Inform them of the perceived conflict of interest.
Informed consent will need to be provided.
Firm would need to create an information barrier, such as secure storage and separate working locations.
Potentially sign NDAs
Single Communication Lines in to client
Who are the key persons outlined within GDPR?
Controller
The controller is the natural person or legal entity that determines the purposes and means of the processing of personal data (e.g., when processing an employee’s personal data, the employer is considered to be the controller).
Processor
A natural person or legal entity that processes personal data on behalf of the controller (e.g., a call centre acting on behalf of its client) is considered to be a processor. At times, a processor is also called a third party.
Data Protection Officer (DPO)
The Data Protection Officer is a leadership role required by EU GDPR. This role exists within companies that process the personal data of EU citizens. A DPO is responsible for overseeing the data protection approach, strategy, and its implementation.
What are the 8 individual rights under GDPR for people?
The right to be informed how their data is being used.
The right to access their data.
The right to have incorrect data updated.
The right to have their data erased.
The right to restrict processing of their data.
The right to data portability
The right to object to the use of their data.
Rights of automated decision making and profiling
What does it mean to be GDPR compliant?
GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly.
What are the 7 principles of GDPR?
Lawfulness, fairness and transparency.
Purpose limitation.
Data minimisation.
Accuracy.
Storage limitation.
Integrity and confidentiality (security)
Accountability.
What things must companies do to ensure GDPR compliance?
Raise awareness across your business
Audit all personal data
Update your privacy notice
Review your procedures supporting individuals’ rights
Identify and document your legal basis for processing personal data under the GDPR
Review how you seek, obtain and record consent
What is your understanding of the term confidentiality?
Where information is provided but is subject to confidence and not shared without permission.
What is metadata?
Data that provides information about other data.
What is your understanding of intellectual property and copyright?
This is the right to control the use and ownership of original works.
Work created by an employee usually belongs to their employer, unless copyrights are in place.
Occasionally, in construction we need to be given consent to use designs by subcontractors or specialist manufacturers.
What is the Data Protection Act 2018?
It manages how personal data is processed by organisations and the government.
What are the key principles of the Data Protection Act 2018?
The act ensures that data is:
Used fairly, lawfully, and transparently.
Used in a way that is adequate, relevant and limited to only the purpose it is intended.
Retained no longer than is necessary.
Processed securely including the protection against unlawful use, loss or destruction.
What different sources of information do you use in your day to day surveying?
RICS Guidance notes
Contract Documentation
Previous Tenders
Cost Plans
Valuation Data
Industry Journals
How do you manage information to ensure compliance with legislation?
I use lockable and secure document storage for hard copy documents.
Electronic information is kept securely on encrypted servers.
I always lock my computer when away from my desk.
I always obtain the client's written permission if I am sharing information that is not available in the public domain.