Data management Flashcards

1
Q

What is meant by the term confidentiality?

A

Where information is provided but is subject to confidence and not shared without permission.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is your understanding of the term Meta Data?

A

This is information about a specific piece of data- structured data that provides information about other data, such as its purpose, origin, and how to access it

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Example of meta data

A

When sharing a cost planning document- the meta data associated with this would be the author, the file size, the date the document was created, and keywords to describe the document.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Why is this important?

A

This must be afforded the same level of care as all other confidential data. When sharing a document we should ensure any other confidential metadata is not shared inadvertently.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is your understanding of Intellectual Property?

A

This is the right to control the use and ownership of original works.
note: works created by an employee typically belongs to the employer unless copyrights are put in place.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Copyright

A

It is common in construction for a client to be granted a licence for use and reproduction of copyright material which must be clearly defined. EXAMPLE: This could be use of a design by a specialist subcontractor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What does GDPR stand for?

A

(EU) General Data Protection Regulations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are the 8 Individual rights under GDPR?

A
  1. The right to be informed
  2. The right of access
  3. The right of rectification
  4. The right to erasure
  5. The right to restrict processing
  6. The right to data portability
  7. The right to object
  8. The right of automated decision making and profiling
    (Diversity, inclusion and team working)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Who are the key persons outlined with GDPR?

A
  1. The controller
  2. The Processor
  3. Data Protection Officer (DPO)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the role of the controller?

A

This is the natural person or legal entity that determines the purposes and means of the processing of personal data e.g. when processing an employee’s personal data, the employer is the controller.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is the role of the processor?

A

This is the natural person or legal entity that processes personal data on behalf of the controller for example a call centre acting on behalf of its client is considered to be a processor.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is the role of the data protection officer?

A

This is a leadership role required by EU GDPR. This role exists within companies that processes the personal data of EU citizens. A DPO is responsible for overseeing the data protection approach, strategy and its implementation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are a person’s rights under the Data Protection Act?

A

People have the right to:
- to be informed about how their data is being used
- the right to access their data
- the right to have incorrect information updated
- to have their data erased
- to stop/restrict the processing of their data
- the right of portability
- to object to the use of their data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is the Data Protection Act 2018?

A

This act replaces the 1998 legislation and manages how personal data is processed by organisations and the government.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What are the key principles of the data protection act 2018?

A

The act ensures that data is:
- used fairly, lawfully and transparently
- used in a way that is adequate, relevant and limited to only the purpose it is intended.
- is retained for no longer than is necessary
- processed securely including the protection against unlawful use, loss or destruction

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is the Freedom of Information Act 2005?

A

The primary piece of UK legislation that controls the access to official information.
The act permits the public right of access to information held by public authorities.
Information must also be published through the public authorities publication scheme.
The act covers all information held and not just information since the act came into effect.

17
Q

What are the benefits of cloud-based storage systems?

A
  • Information is backed up securely on encrypted servers.
  • Accessibility can be managed via online settings.
  • Cloud systems are often cheaper than the costs of physically storing and managing files.
  • It is convenient to send and share files
  • Cloud systems are environmentally friendly
  • multiple users can access the same documents.
  • documents and folder systems can be synchronised.
18
Q

What is the meaning of a non-disclosure agreement?

A

These are used to protect against the disclosure or sharing of any confidential data.
Prior to the confidential information being shared with a recipient, clients will typically request they sign an NDA
These are used when confidential, sensitive, innovative or intellectual property information is being shared to prevent this being used by competitors.

19
Q

If two separate departments in your firm are working for two rival companies, how would you ensure client sensitive data was managed?

A
  • I would make the client aware of the risks involved and check their understanding of the conflict of interest.
  • I would ensure a letter of instruction to continue was obtained from the client.
  • Exclusivity of staff would be arranged.
  • The use of non-disclosure agreements would be considered.
  • Separate working locations from each of the teams would need to be put in place.
  • Secure document and data storage would be arranged to be used exclusively for the separate teams.
20
Q

What different sources of information do you use in your day-to-day surveying?

A
  1. RICS Guidance Notes
  2. Contract Documentation
  3. Previous Tenders.
  4. Cost Plans.
  5. Valuation data.
  6. Industry journals
  7. Specialist sub-contractor information.
21
Q

How do you manage these sources of information to ensure compliance with the legislation?

A
  • If I have signed up to an NDA with a client I ensure complete confidentiality and I understand that I am not able to talk about/discuss these projects with colleagues not party to the project.
  • I use lockable/secure, encrypted document storage both hard copy and electronically.
  • I always lock my computer when I am not at my desk and I comply with RLB’s IT policies.
  • If I am sharing/processing information not available in the public domain from a previous project I obtain written permission to do so.
22
Q

How do companies ensure compliance with the Data Protection legislation generally?

A

Companies should only retain data they need to perform their day-to-day operations.
If they are retaining someone’s data they should ensure the person is kept informed and advised why they have it.
They should hold the data securely.
They should also keep the information up to date and delete information they no longer need.

23
Q

What are the advantages of using online document storage?

A

Everyone has shared access, fast to update, good and trusted technical support, easy to use, can all edit live documents at once. It is traceable

24
Q

What are the disadvantages of using an online document storage system?

A

Potential for data breaches, fairly easy to get hold of links to files

25
Q

What are the fines if there is a breach?

A

Fines up to 4% of annual global turnover or 17.5 million pounds whichever is lower

26
Q

Can you name some of the GDPR principles?

A

“LADSPAS”
Lawfulness, Fairness and Transparency
Accountability
Data Minimisation
Storage Limitation
Purpose Limitation
Accuracy
Security (Integrity and Confidentiality

27
Q

What does BCIS stand for?

A

Building Cost Information Service

28
Q

What are pros of BCIS

A

It has a wide array of data
Good for indices across construction

29
Q

Name a con of BCIS

A

It is reliant on people/companies actually uploading the data

30
Q

What do you do to collect/manage data?

A

Upload cost data into RLB’s database.