Data Management Flashcards

1
Q

What is GDPR?

A

The EU General Data Protection Regulation is a legal framework, replacing the Data Protection Directive, which sets guidelines for the collection and processing of personal information. It came into force in May 2018 and was designed to harmonise data privacy laws across Europe, to protect and empower all EU citizens’ data privacy and to reshape the way organisations approach data privacy.
There are new rights for people to access information companies hold about them, obligations for better data management and a new regime for breaches and fines.

2
Q

What is personal data?

A

Any information related to a person that can be used to directly or indirectly identify a person, such as name, photo, bank details, email address etc.

3
Q

What is a data subject?

A

The person whose personal data it is.

4
Q

What is the data protection authority?

A

The DPA is the national authority responsible for implementing and enforcing GDPR.

5
Q

What is the data protection officer?

A

The individual person within an organisation responsible for data protection compliance.

6
Q

What is the data controller?

A

The person who decides the purpose for which any personal data is to be processed and the way in which it is to be processed.

7
Q

What is the data processor?

A

Third parties that process data on behalf of the data controller.

8
Q

What is the difference between the data controller and the data processor?

A

A controller is the entity that determines the purpose, conditions and means of the processing of personal data, while the processor is an entity which processes personal data on behalf of the controller.

9
Q

When should a business appoint a DPO?

A

If it is (a) a public authority, (b) an organisation that engages in large scale systematic monitoring, or (c) an organisation that engages in large scale processing of sensitive personal data.

10
Q

What are the fines for GDPR?

A

The maximum fine is up to €20m or 4% of a firm’s annual global turnover (whichever is greater).

Smaller offences, like not having records in order, could result in fines of €10m or 2% of a firm’s global turnover (whichever is greater).

11
Q

How will GDPR affect surveying practices?

A

It will impact:

  • the data you hold for your clients
  • any working papers that support your compliance work which contain personal data
  • any customer data held for marketing purposes
  • emails and correspondence
12
Q

What is best practice with GDPR?

A

  • Conduct a data review/audit
  • Anonymise data wherever possible
  • Encrypt everything
  • Create a breach response policy - a plan should be in place to handle clients’ requests for data
  • Have a robust data handling policy for all data
  • Data storage - there are no minimum and maximum periods, so the firm needs to decide what’s necessary, but it must ask itself why it believes it is necessary to continue to hold personal information

13
Q

What is a GDPR breach?

A

A breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. A breach must be reported to the national regulator within 72 hours of becoming aware of it.

14
Q

Who regulates the GDPR?

A

In the U.K. it is the Information Commissioner’s Office (ICO).

15
Q

What’s the difference between a regulation and a directive?

A

A regulation is a binding legislative act. It must be applied in its entirety across the EU, while a directive is a legislative act that sets out a goal that all EU countries must achieve. GDPR is a regulation, as opposed to the previous legislation, which was a directive.

16
Q

What are some of the key changes of GDPR?

A

The key changes of GDPR are:

  1. It applies to all companies processing data of data subjects in the EU
  2. Private individuals not engaged in business activities are now exempt. You are free at home to store personal contact details for personal use only.
  3. Penalties - organisations in breach can be fined up to 4% of their annual turnover or €20m, whichever is greater.
  4. Consent must be clear and distinguishable and in clear plain language. It must be easy to withdraw consent.
  5. Breach notification - within 72 hours from when you become aware of the breach.
  6. Rights to access - individuals have the right to obtain confirmation that their data is being processed and to have access to their personal data.
  7. Right to be forgotten - individuals have the right for their personal data to be forgotten and erased.
17
Q

Why do you think confidentiality is important?

A

I think that it shows you are trustworthy and respectful which I believe shows integrity and ethical behaviour.

18
Q

How do you store information and dispose of it?

A

CBRE uses a standard filing system and we need to adhere to ISO9001. We are audited internally and externally on a regular basis and therefore have to ensure we file documents correctly. With confidential information I would make sure I discard in confidential waste bins. I would also make sure that any documentation being kept as hard copies is archived appropriately.

19
Q

What is BIM?

A

Building information modelling is a process for creating and managing information on a construction project across its lifecycle. It gives a digital description of every aspect of the built asset. It enables those who interact with the building to optimise actions. There are different levels to BIM: 0 being the simplest form, with no collaboration and only 2D drawings; 1 being a mixture of 3D concept work and 2D; and 2 being collaborative working, which requires an information exchange process.

20
Q

What are the benefits of BIM?

A
  1. Better collaboration
  2. Improved coordination
  3. Reduced costs and mitigated risk
  4. Improved scheduling and sequencing
  5. Increased productivity
  6. Safer construction sites
21
Q

How can BIM help the construction stage?

A

During the construction stage, the BIM model can be used as a coordination tool. The model can be used to deliver updates to the team and can be updated to include changes. Working with the FM team, the handover strategy will be developed to ensure the seamless transition from construction to operation. At the end of construction, the ‘as constructed’ BIM model will be prepared to incorporate project changes and, where appropriate, warranty information compiled.

22
Q

How does BIM help during the operations stage?

A

During the operations stage of a project BIM can assist with scheduling maintenance tasks and managing the building. You can use the model for generating annual maintenance plans or easily locate parts that require maintenance.

23
Q

What are the different levels of BIM?

A

Level 0 - describes unmanaged CAD (computer aided design)

Level 1 - describes managed CAD in 2D or 3D

Level 2 - involves developing building information in a collaborative 3D environment with data attached but created in separate discipline models

24
Q

What is ISO9001?

A

ISO 9001 is a quality management system based on a number of quality management principles which help to ensure greater consistency and good quality products and services.

25
Q

What is an NDA?

A

Non-disclosure agreement. It is a confidentiality agreement, and if a breach occurs you can claim damages.

26
Q

What is ISO14001?

A

It is an environmental management system where you record your energy usage, waste management and how you manage compliance obligations. Again, it will be subject to audit.