Data Management - L1

Question 1

Data Management - Extract from Candidate Guide - Aug 2018 (updated Feb 2022)

Answer 1

Question 2

What does GDPR stand for ?

Answer 2

General Data Protection Regulation

Question 3

When did GDPR come into affect ?

Answer 3

New rules relating to how we collect and process personal data - the EU General Data Protection Regulation (GDPR) - came into effect in the UK on 25 May 2018.

Question 4

What could happen if you do not meet the requirements ?

Answer 4

20m Euros or 4% of the total annual worldwide turnover in the preceding financial year, whichever is higher
10m Euros or 2% of the total annual worldwide turnover in the preceding financial year, whichever is higher

Question 5

Have you completed any training on GDPR ? what did you learn ?

Answer 5

Yes, please see CPD …..

Question 6

What legislation covers data protection in the UK ?

Answer 6

Data Protection Act 2018 and UK GDPR

Question 7

Who does Freedom of Information Act 2000 Apply to?

Answer 7

Public right of access to information held by public authorities.

Question 8

Does GDPR apply post Brexit ?

Answer 8

Yes, many aspects of GDPR will be converted into UK Law on 1st Jan 2021 under the titles UK GDPR. in turn companies will still need to comply

Question 9

What will the changes include (GDPR post Brexit)?

Answer 9

UK government will control the UK GDPR as opposed to the European union.

Question 10

Who oversee information rights in the UK ?

Answer 10

ICO - International Commissioners Office

https://ico.org.uk/

Question 11

What happens if you are sharing or processing data from the EU ?

Answer 11

Adhere to :
* UK GDPR
* EU GDPR
* Data Protection Act 2018

Question 12

Who enforces the data protection ?

Answer 12

Information commissioners office - ICO

Question 13

How do you ensure data you hold on clients is kept secure and confidential ?

Answer 13

I use secure documents that are stored on password protected machines and servers. I also only keep the information I need and use it for the purpose it has been collected without passing it on unless I have approval prior.

Question 14

What are the 7 GDPR principles? - LADSPAS

Answer 14

1. Lawfulness, fairness and transparency
2. Accuracy – where necessary kept up to date, erase inaccurate personal data without dela
3. Purpose limitation
4. Adequate and Necessary
5. Kept no longer than required
6. Integrity and confidentiality

Question 15

How have you changed the way you managed data during COVID 19 and home working ?

Answer 15

Only allowed to use work equipment, the storage of files/documents to be locked away, regular update on password protected equipment etc.

Question 16

What does the Freedom of Information Act 2000 enable?

Answer 16

Limit access to sensitive data use smart passwords to resident details Firewalls and antivirus protection dedicated server stay on top of security updates Limit access to sensitive data use smart passwords to resident details.

Question 17

Why do you keep company data for 12 years?

Answer 17

It is a requirement of our PII insurance that all contracts under deed are kept for a minimum of 12 years and under hand for 6 years. I am aware of the limitation act 1980 to claims which can be brought about up to 15 years after the act of negligence.

Question 18

What is project extranet?

Answer 18

A computer network that allows controlled access from the outside for specific project purposes. Essentially is a system that allows individuals outside the company to view project files on a secure platform.

Question 19

What is BIM?

Answer 19

Building Information Modelling. Software creating 3D models that allow industry professionals to better plan, design, construct and mange buildings/infrastructure.

Question 20

What are the disadvantages of BIM?

Answer 20

Very expensive and not all construction professionals use it and therefore less experts.

Question 21

How does BIM effect your role as a CA?

Answer 21

I’ve not used it but I would imagine that it simplifies the process by theoretically reducing the amount of variations required.

Question 22

What should you do if there is a data breach ?

Answer 22

Inform the Information Commissioner’s Office not later than 72 hours after becoming aware of it.

Question 23

What are ISO Standards ?

Answer 23

International Organisation for Standardisation. An international standard setting body of representatives from varying national standards.
• ISO 9000 – Quality Management Systems
• ISO 8000 – Data Quality
• ISO 14001 – Environmental Management Systems
• ISO 45001 – Health and safety

Question 24

What is the Limitation Act 1980?

Answer 24

The Limitation Act 1980 is an Act of the Parliament of the United Kingdom applicable only to England and Wales. It is a statute of limitations which provides timescales within which action may be taken for breaches of the law.

Question 25

Can you give me some example of the data you manage ?

Answer 25

• Client details
• Finances
• Contact details
• Project details
• Complaints
• etc

Question 26

What is personal data ?

Answer 26

Personal data only includes information relating to natural persons who:
• can be identified or who are identifiable, directly from the information in question; or
• who can be indirectly identified from that information in combination with other information.
• Personal data may also include special categories of personal data or criminal conviction and offences data. These are considered to be more sensitive and you may only process them in more limited circumstances.

Question 27

What are the GDPR rights ?

Answer 27

The UK GDPR provides the following rights for individuals:
• The right to be informed
• The right of access
• The right to rectification
• The right to erasure
• The right to restrict processing
• The right to data portability
• The right to object
• Rights in relation to automated decision making and profiling

https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

Question 28

What is the process if there is a data breach ?

Answer 28

• The UK GDPR introduces a duty on all organisations to report certain personal data breaches to the relevant supervisory authority. You must do this within 72 hours of becoming aware of the breach, where feasible.
• If the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, you must also inform those individuals without undue delay.
• You should ensure you have robust breach detection, investigation and internal reporting procedures in place. This will facilitate decision-making about whether or not you need to notify the relevant supervisory authority or the affected individuals, or both.
• You must also keep a record of any personal data breaches, regardless of whether you are required to notify.

Question 29

Can you expand on what BCIS is ?

Answer 29

The Building Cost Information Service, provides cost and price data for the UK construction industry. It is a part of the Royal Institution of Chartered Surveyors.

Question 30

What are the principles of the Bribery Act ?

Answer 30

PCRCDM
• Proportionality
• Commitment (Top Level)
• Risk assessment
• Communication
• Due Diligence
• Monitor and Review

Question 31

What kind of information is ‘sensitive’ information?

Answer 31

Health records, financial information, address, educational records etc

Question 32

What are the benefits of using external data sources such as BCIS etc?

Answer 32

• Industry wide data
• Standardisation
• Data management

Question 33

How long do you keep client’s data and how do you ensure it is deleted when necessary?

Answer 33

Dependent on the type of data and the contract
• Under hand - 6 years
• Under deed - 12 years
• Limitations act – 15 years

Question 34

What types of breaches are there under GDPR ? DDA

Answer 34

• Disclosure
• Destruction
• Alteration

Question 35

What is copyright ?

Answer 35

Copyright is an intellectual property right assigned automatically to the creator. It prevents unauthorised copying and publishing of an original work. Copyright applies to research data and plays a role when creating, sharing and reusing data.

Question 36

Methods to keep data safe?

Answer 36

Disk encryption
Regular backups off site
Password protection
Anti-virus software
Firewalls

Question 37

What is an AVM?

Answer 37

An automated valuation model (AVM) is a software-based tool that’s used in residential and commercial real estate to determine property value. The service uses mathematical or statistical modeling with a combination of existing databases to determine the value of a particular property.

Question 38

What is a SIM?

Answer 38

A search of the index map, or SIM, as it’s usually referred to, is a search of the Land Registry’s mapping records. It shows whether a particular piece of land is registered or not.

Question 39

Name some parties involved in Data Management

Answer 39

Data Protection Officer
Data Controller
Data Handler

Question 40

What is copyright?

Answer 40

Copyright is a legal right, which protects the copyright owner and/or the creator of a work. Copyright gives the owner control over their work and now it is used. Normally, copyright protects a work created by an author. Owners of copyright can use, sell or license a work (to a third party).

Copyright is one of the four areas of intellectual property:

Patents: how something works
Designs what something looks like
Trademarks: what you call it, and
Copyright: the expression (literary, artistic etc)

Question 41

Can copyright be transferred

Answer 41

A copyright owner can sell or transfer their rights to someone else. This is known as a copyright assignment. Assignment can take place in several ways: Automatic assignment - where ownership of copyright transfers automatically to a third party, eg by inheritance or by insolvency.

Question 42

How to check reliability of a data source

Answer 42

Assessment of Accuracy and Authority

Question 43

Limitations of primary and secondary data sources

Answer 43

The limitation to primary data is the expense and time is spent on gathering data, whereas secondary information may be inaccurate or irrelevant.

Question 44

what is a firewall?

Answer 44

In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet.

Question 45

What is the difference between a Deed and a Title?

Answer 45

A title is a concept which grants ownership rights to a property owner, while the deed is the legal document stating the rights of ownership.

Question 46

What is block chain?

Answer 46

A blockchainis a distributed database or ledger shared among a computer network’s nodes.

Question 47

Are electronic signatures accepted by the Land Registry?

Answer 47

Yes - HM Land Registry will accept consents, certificates and application forms signed electronically by non-conveyancers as long as these documents are lodged by a conveyancer (see also practice guide 19).

Question 48

What is data redundancy?

Answer 48

Data redundancy occurs when the same piece of data exists in multiple places, whereas data inconsistency is when the same data exists in different formats in multiple tables. Unfortunately, data redundancy can cause data inconsistency, which can provide a company with unreliable and/or meaningless information.

Question 49

What is VLOOKUP used for?

Answer 49

For findings contents of an excel spreadsheet in a table by range or by row

Question 50

What is a pivot table?

Answer 50

A PivotTable is a powerful tool to calculate, summarize, and analyze data that lets you see comparisons, patterns, and trends in your data.

Question 51

What do the Privacy and Electronic Communications Regulations 2003 apply to?

Answer 51

The Privacy and Electronic Communications (EC Directive) Regulations 2003 is a law in the United Kingdom which made it unlawful to, amongst other things, transmit an automated recorded message for direct marketing purposes via a telephone, without prior consent of the subscriber.

Question 52

What is Encryption?

Answer 52

What is Encryption and How Does it Work? - TechTarget
Encryption is the method by which information is converted into secret code that hides the information’s true meaning.