Data Management (Good Questions) Flashcards

1
Q

What are some examples of Data security technologies?

A
  1. Disk Encryption
  2. Regular backups off site
  3. Password protection
  4. Anti-virus software
  5. Firewalls
  6. disaster recovery procedures
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is your understanding of copy right?

A
  1. Set of exclusive rights granted to the author or creator of original work.
  2. Rights can be assigned, licensed or transferred
  3. Form of intellectual property
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What should you do if you include any copyrighted information in your work?

A

Acknowledge author / copyright

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is Crown Copyright?

A
  1. Refers to all material created and prepared by the government.
  2. Includes laws, public records, official press releases and OS Mapping
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What does GDPR stand for?

A
  1. General Data Protection Regulation
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is your understanding of the Data Protection Act 2018?

A
  1. Aims to create a single data protection regime affecting business
  2. Aims to empower individuals to take control of how their data is used by third parties.
  3. Gives people rights to be informed about how their personal information is used.

Key requirements include:

  1. Obligation to conduct data protection impact assessments for high risk holding of data.
  2. Rights for individuals to access information on what data is held and to have it deleted.
  3. Data controller decides how and why personal data is processed. Directly responsible for GDPR.
  4. New principle of ‘‘data accountability’’ - organisations must be able to prove to the Information Commissioner’s Office (ICO) how they comply with the new regulations.
  5. Data Security Breaches need to be reported to the ICO within 72 hours if there is a loss of personal data and a risk of harm to individuals.

Key Principles include:

Article 5(1) - Principles relating to the storage of personal data.

States that data must be:
1. Processed lawfully, fairly and transparently.
2. Collected for specific, legitimate, explicit purposes.
3. Adequate, relevant and limited to what is necessary for their purposes.
4. Accurate, kept up to date. If inaccurate, to be erased or rectified without delays.
5. Kept in a form allowing identification for no longer than necessary.
6. Ensure appropriate security against loss / destruction / unauthorised access.

Article5(2) requires the controller to be responsible, and be able to demonstrate, compliance with the principles.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are the 8 individual rights under UK GDPR

A

RIGHT:
1. To be INFORMED
2. of ACCESS
3. to RECTIFICATION
4. to ERASURE
5. to RESTRICT PROCESSING
6. to DATA PORTABILITY
7. to OBJECT
8. to AUTOMATED DECISION MAKING AND PROFILING

(I ADORERR)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Who polices data regulation? What fines can be applied?

A
  1. Policed by the Information Commissioners Office (ICO)
  2. Fines up to greater of 4% of global turnover or £17.5 million.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is your understanding of the Freedom of Information Act 2000?

A

FOI Act 2000 gives individuals the right of access to information held by public bodies

  1. Public body must inform individual requesting FOI whether it holds it.
  2. Normally required to supply information within 20 working days and in format requested.
  3. Can charge for provision of information.

Exemptions to FOI are allowed for a variety of reasons:
1. Contrary to GDPR requirements.
2. Would prejudice criminal matters.
3. Against organisations commercial interest.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is your understanding of Non-disclosure agreements (NDA’s)?

A
  1. Legally enforceable contract between two parties relating to sensitive information.
  2. Agreement creates a confidential relationship between the two parties.
  3. Party damaged by breach of NDA can take legal action to enforce agreement & seek damages.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Does the RICS have any guidance on Data Protection?

A

Not yet.

Proposed Professional Standard on Data Handling and Prevention of Cybercrime.

  1. Would cover best practice and mandatory obligations.
  2. Would address data capture / storage / sharing.
  3. Would mandate policies, practices and training for firms & members.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Can you name the recently introduced regulations set out to control how companies manage data they hold? Can you name the legislation this is supported by?

A
  1. UK General Data Protection Regulations
  2. Data Protection Act 2018
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Can you name any of the 8 principles covered in the Data Protection act 2018?

A
  1. Fair and lawful processing
  2. Specified and lawful purposes
  3. Adequate, relevant and not excessive
  4. Accurate and up to date
  5. Not kept for longer than necessary
  6. Processed in line with your rights
  7. Held securely
  8. Not transferred to countries without adequate protection
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Can you name any of the sources of data currently in use by the construction industry? What factor would you apply for a project from North East England to one in London?

A
  1. BCIS
  2. Location factor
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

How does your in-house system comply with GDPR?

A
  1. Information only collected for specific, legitimate purposes.
  2. Information is only relevant to purposes required.
  3. Information is kept up to date
  4. Information is held securely
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How does GDPR affect your working activities?

A
  1. Password protection
  2. Update passwords regularly
  3. Encrypted on internal hard drive (v-drive)
  4. Backed up regularly
17
Q

What is meant by to be forgotten?

A
  1. Erasure of personal information
18
Q

If home or hybrid working, how would you deal with cyber security?

A
  1. Firewalls (Z-scaler)
  2. Change passwords frequently
  3. Encrypt on an internal hard drive
  4. Back up regularly
  5. Strong passwords.
19
Q

What challenges is brexit bringing to data management?

A
  1. Shift from EU GDPR to UK GDPR in 2016