Data Management Level 1

Question 1

Can you name the recently introduced regulations set out to control how companies manage the data they hold?

Answer 1

Data Protection and Digital Information Bill. UK version of GDPR

Question 2

Can you name the legislation this is supported by?

Answer 2

Privacy and Electronic Communications Regulations

Question 3

How does GDPR affect your working activities?

Answer 3

Mainly with handling peoples data. How we use it, how we share it.

Question 4

Can you name any of the data protection principles covered in the Data Protection act 2018?

Answer 4

used fairly, lawfully and transparently
used for specified, explicit purposes
used in a way that is adequate, relevant and limited to only what is necessary
accurate and, where necessary, kept up to date
kept for no longer than is necessary
handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage

Question 5

Can you name any of the sources of data currently in use by the construction industry?

Answer 5

Client names, phone numbers, budgets, addresses, intentions.

Question 6

How does your in-house system comply with GDPR?

Answer 6

Secure, only access by relevant staff, working on data lifespan.

Question 7

What are you considered as under the regulations?

Answer 7

Data controller and processor

Question 8

What is meant by to be forgotten?

Answer 8

Right for data to be erased / deleted.

Question 9

If home or hybrid working, how would you deal with cyber security

Answer 9

Logging into the work network, secure home router, good security for physical data.

Question 10

What current challenges is Covid and/or Brexit bringing to Data Management?

Answer 10

Brexit means UK doesn’t have to keep European laws. We do use these but are also creating our own versions.

Question 11

Describe the different types of data

Answer 11

All personal data, identity, health, web data, biometric, racial, political, sexual

Question 12

What are the advantages/disadvantages of a paperless office?

Answer 12

Less risk of physical loss or theft. More risk of all digital data being accessed in the event of a data breach.

Question 13

What is an FOI request?

Answer 13

Freedom of Information request. public right to request personal or public information.

Question 14

How long do you have to respond to an FOI request?

Answer 14

20 working days

Question 15

Describe document storage at your office.

Answer 15

Locked cabinets, secure servers, access cards, clear desk policy.

Question 16

What is GDPR and how do you comply?

Answer 16

General Data Protection Regulations, list off the principals checklist.

Question 17

What are the GDPR Rights of the Individuals?

Answer 17

right of access,
the right to rectification,
the right to erasure,
the right to restrict processing,
the right to data portability,
the right to object,
the right not to be subject to a decision based solely on automated processing

Question 18

What are the rights people have under the Data Protection Act 2018?

Answer 18

Right to:
be informed about how your data is being used
access personal data
have incorrect data updated
have data erased
stop or restrict the processing of your data
data portability (allowing you to get and reuse your data for different services)
object to how your data is processed in certain circumstances

Question 19

What do you mean by keeping data secure, yet accessible by the right people?

Answer 19

Limited access rights

Question 20

How do you know it’s the right time to delete information?

Answer 20

Typically 6 years but can vary with property.

Question 21

Who is the Data Protection Officer at RBC?

Answer 21

Ken Thompson