Data Management Flashcards
How have you advised on data storage system?
Advised my line manager that the current system for deadlines is inadequate.
1. Needed a Centralised schedule to be within the internal data storage system
2. Data was sensitive, advised that needs to have access control features. This ensures compliance with GDPR and data protection to safeguard confidential client details.
3. Having a centralised system demonstrated how I could be more efficient advising the client on appeals improving client communication
How have you advised on business filling systems?
Within the data storage system I advised on implementing a schedule for the deadlines.
How have you benchmarked from analysed historic data?
Able to review historic rental data to advise the client on rating proposals
In addition, with finding rental comparables for rent reviews and lease renewals
How have you advised on security of data?
Glasshouse Street for example
Confidential T/O amounts for that unit
Microsoft Office 365 Encryption
Password protected files when sending schedules to clients
I have advised on firewalls, adding barriers for external cyber threats
I have advised on signing NDAs when clients are uneasy
How have you complied with client’s data security requirements?
Signing an NDA
Legally enforceable contract between two parties relating to sensitive information
Creates a confidential relationship between a person who has sensitive information and a person who has access to that information
Any breach - the part can enforce legal action and seek damages
How have you incorporated data research into complex reasoned advice to clients?
2024 Autumn Budget
New UBRs - Estimated liabilities for following year
Rate Relief having to provide advice updating the schedules reflecting this.
Advice to allow businesses to forecast and for those waiting to be assessed
Advising the client they have not gone over the £315k threshold
How have you presented conclusions to clients from data research and analysis?
- Collate & Analyse the Data
- Structure my findings in a report / spreadsheet
- Present advice and conclusions
Data storage system - what kind of schedule did you advise should be implemented?
Excel schedule
Simple and straightforward to use
Can be password protected to protect sensitive information
Data Storage System - What did you perceive the benefits of implementing the schedule to be?
Organisational efficiency / Client Care
Better Communication
Data security
What access control features did you advise should be in place?
Discretionary access control (DAC)
My line manager can decide who has access
The schedule is also password protected
An option of a multiplier authentication to implement on the internal system
How do you ensure your accuracy when updating the schedule?
I ensure the data collected is accurate through a trusted source and cross checking the information using the triangulation method
I double check all the inputs and get a colleague to review
I keep track of changes
Restrictive permissions to ensure schedules will not be edited
2024 Autumn budget - What data did you gather and compile?
2024 Autumn Budget
New UBRs - Estimated liabilities for following year
Rate Relief having to provide advice on where rate relief is not eligible
Updating the schedules reflecting this
How did you update their portfolios?
Added a new column
New input for the UBR
Excel formula to ensure accuracy and case of human error
How did you provide the clients with the documents?
Password protected
Microsoft 365 Encryption service
How do you ensure information isn’t sent to the wrong client?
Verification process:
Cross check with internal contact sheet
Am very careful with automatic email fill
I standardise client file names
eg Client Name - Address - Subject
Ensure that the data is restrictive access only
How is your firm compliant with UK GRDPR
Compliant with the individual rights to our clients.
Informed
Rectification
Object
Access
Restrict
Erasure
Disclosure
Automated decision making and business profiling
Article 5(1) is all about the principles relating to the storage of personal data:
1. Processed lawfully, fairly and in a transparent manner
Lawful bases include:
a) Consent - client gives me consent to process their personal data
b) Contract
c) Legal obligation - necessary to comply with law (HMRC)
Article 5 (2) requires that the “controller shall be responsible for, and be able to demonstrate, compliance with the principles”
What are the individual UK GDPR rights
8 individual Rights under UK GDPR:
1. Right to be informed
2. Right of access
3. Right to rectification
4. Right to erasure
5. Right to restrict processing
6. Right to data portability (to use for their own purposes)
7. Right to object
8. Right to automated decision making and profiling (as undertaken by insurance companies)
What is the UK GDPR and the Data Protection Act 2018
General Data Protection Regulation is covered by the DPA 2018
Aims to create a single data protection regime affecting businesses, and empower individuals to take control of how their data is used by third parties.
It gives people rights to be informed about how their personal information is used
Key requirements for UK GDPR
- An obligation to conduct data protection impact assessments
- Individuals to have access to personal information
- A data controller decides how and why personal data is processed
- A principle of ‘data accountability’ Information commissioner’s office (ICO) how they comply with the regulations
- Data security breaches must be reported to the ICO within 72
- Fines up to 4% global turnover of the company or £17.5m (whichever is the greater)
- Policed by the ICO
What is the act that gives individuals rights to access held by public bodies
Freedom of Information Act 2000
The public body must tell if information is held about them
Required to supply within 20 working days
It can charge for that provision
What are the exemptions for releasing individual data held by a public body
Contray to the GDPR requirements
Would prejudice a criminal matter
How can security of data be managed
Firewalls, encryption, cloud based systems and passwords
Regular backups off site
Anti virus software
NDAs
What is copyright
Set of exclusive rights granted to the author or creator of any original work
These rights can be licensed, assigned or transferred
Form of intellectual property
Crown Copyright refers to all material created by the Government such as laws
Any information I use which is copyrighted must be acknowledged
Data Protection Act 2018
This act makes provision about the processing of personal data.
Most processing of personal data is subject to the GDPR.
