Data Management Flashcards

1
Q

How long do you need to keep data for?

A

• 6 years if the contract is signed underhand.
• 12 years if the contract is signed as a deed.
• RICS recommends up to 15 years, this is the limitation period for most legal claims.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What type of data systems are used in your organisation?

A

• Shared hard drives.
• Backup servers.
• Online storage systems such as Dropbox.
• Software such as Microsoft Teams.
• Project extranet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the benefits of cloud-based storage systems?

A

• Easy access anywhere in the world.
• Secure / password protected.
• Low set up cost.
• Teams can work in ‘real time’.
• Access control / restrictions are available for confidential files and folders

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is BCIS?

A

• Building Cost Information Service.
• Provides cost and price data for the UK construction industry. The data will help to produce specific estimates for option appraisals, provide early cost advice, and plan costs and benchmarks.
• Part of RICS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the Data Protection Act 2018?

A

• The Data Protection Act 2018 controls how your personal information is used by organisations, businesses, or the government.
• It is the UK’s implementation of the General Data Protection Regulation (GDPR).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is GDPR?

A

• GDPR is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area.
• It also addresses the transfer of personal data outside the EU and EEA areas

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is the purpose of GDPR?

A

• GDPR was designed to harmonise data privacy laws across all member countries as well as provide greater protection and rights to individuals.
• GDPR was also created to alter how businesses and other organisations can handle the information of those that interact with them.
• There’s the potential for large fines and reputational damage for those found in breach of the rules

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Who are the key persons outlined within GDPR?

A

• Data Controller: Decides how and why to collect and use the data. Ensures that data processing complies with data protection law.
• Data Processor: A separate person who processes data on behalf of the controller and in accordance with their instructions.
• Data Subject: Individual whom personal data is about.
• Data Protection Officer: Ensures compliance with the data protection regulations without replacing the functions carried out by the supervisory authorities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What constitutes personal data?

A

• Any information related to a natural person or ‘Data Subject’ that can be used to identify the person directly or indirectly.
• This can include a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.
• The legislation applies not only to electronic data but also to any records that are stored in a form that is easily searchable

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the difference between a data processor and a data controller?

A

• Controller: Determines the purposes, conditions, and means of processing personal data.
• Processor: An entity that processes personal data on behalf of the controller

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are the 7 key principles of GDPR?

A
  1. Lawfulness, fairness, and transparency.
    1. Purpose limitation.
    2. Data minimisation.
    3. Accuracy.
    4. Storage limitation.
    5. Integrity and confidentiality (security).
    6. Accountability
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are the 8 individual rights under GDPR?

A
  1. To be informed.
    1. To access.
    2. To rectification.
    3. To erasure.
    4. To restrict processing.
    5. To data portability.
    6. To object.
    7. To automated decision-making and profiling
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Who enforces GDPR?

A

The Information Commissioner’s Office

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is the Freedom of Information Act 2000?

A

• Provides public access to information held by public authorities.
• It does this in two ways:
1. Public authorities are obliged to publish certain information about their activities.
2. Members of the public are entitled to request information from public authorities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

If you intend to destroy a document, what things should you consider beforehand?

A

• Is the document an original contract/legal document?
• Could the document be required for litigation or other proceedings?
• Does the document relate to a live project?
• Is a backup copy available

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What measures could be taken to protect commercially sensitive information?

A

• Have a non-disclosure agreement in place.
• Physical separation of staff.
• Security of stored documentation, including locked filing cabinets and password-protected servers

17
Q

Are there any ways that we can protect data when we are transferring it on a client’s behalf?

A

• Encryption and password locking.
• Recorded special delivery.
• Mark it as confidential.
• Using secure networks and software

18
Q

What is an information barrier?

A

• A physical and/or electronic separation of individuals within the same firm.
• The aim is to protect confidential information