Data Management Level 2 Flashcards
Why is detailed file naming, dating, clients and job location necessary?
- Easy identification
- Prevents duplication of data
- Allows classified information to be known
When would you not need to password protect a file?
- Confidential information
- Information barrier following CoI
- No editing
What was your External inspection app?
TOUR
What is the purpose of the internal inspection app?
Loan security purposes
What are the pros of the app?
- Easy to use
- All information is in one place
- Easily replicated
- Photo feature
- Emails proforma
- Covers all aspects of property
What data does the app collect?
- Construction type
- no. rooms
- specification
- amenity provisions
- room sizes
- solar panels?
- car parking spaces etc
Why is it important to collect this data from the inspections tool?
Helps to provide an opinion of value
Ensures repeat of inspection is done on a like for like basis
How is the proforma saved?
In the app
Only the creator has access to the property thye set up
- proforma is emailed in an excel format
- I save in an inspections folder
Who has access to the inspections folder?
Anyone who is working on that valuation - in the property folder
What is the importance of the data collection with the inspections tool?
helps to inform opinion of value
What were the cons of the app?
- Bug glitches
- Set up for all asset classes so lots of blanks
- Need a charged mobile
What was your second level 2 example?
PBSA Investment Tracker
Where did you gather the evidence from?
- Agents
- Clients
- Online sources
- Email alerts
- Hearsay
How did you validify the results with tracker information?
- Confirmed information with agents
- Always provided the source
Why did you collect in excel format?
- Prolific in excel
- Easy to present data
- Easy to share
- Can be updated and edited easily
Why did you ensure the tracker was updated regularly?
- Validity of data
- Accurate data
- Improved service to clients
ensure our data is reliable
Why did you use Microsoft teams site?
- Excel used as I was competent in it
- it can be locked for editing to ensure no one modifies the data
- Good system for presenting and analysing data.
Multiple people can view at one time
Only I had access controls to edit the data - Can generally only be accessed by one person at a time.
- Weakness is that it can be difficult to distribute
Why did you need to have authorised access?
- Confidential data
- Only for PBSA valuations/Cap markets
Why did you have automated emails?
To receive most up to date information
How important is it to ensure strict data control?
- Legal compliance (GDPR)
Article 5(1) Principals of UK GDPR - Trust – data breaches can erode trust
- Prevent financial loss
- Protection – sensitive data
- Types of data security technologies
How did you stick to UK GDPR with the Investment tracker?
In line with the 8 principals of GDPR
Lawfully
* Correct data presents
* Confidential where necessary
Accurate and Relevant
* Verified information
* Labelled sources
* Updated regularly
* Only relevant PBSA details
Security
* Restricted access
* Kept securely
how did you ensure the tracker data was valid?
- ensure to try and clarify any online data received from online with the agents
- ensure to note the source
- add a comment to highlight any hearsay evidence
What was the purpose of the tracker?
Allow us to monitor market dynamics and therefore provide reasoned, well-researched advice
Were you ever asked to distribute the data base further? How would you limit data spills from this?
Yes, but I did not as the necessary conflict checks had not been undertaken.
Ensured that the file was saved on a secure departmental only file and was password protected for external users.
What information is held on the tracker?
- Property description – no. beds
- Type of transaction ie Investment, FF
- Purchase price
- Yield
- Purchaser and Vendor
- Source
Did you provide the source of informaiton?
Yes - to ensure that people knew where it was from and if it had been verified by agents
What is the importance of confirming data?
Ensure accuracy as per GDPR principles – otherwise potentially basing advice off inaccurate information
How did you ensure it was only accessible to the department?
- Only people in the department have access to these files
- All files are stored on my firms’ internal network which requires a double password to gain access. Each client’s file is named and dated
What potential conflicts could there be? What is a conflict? How would a conflict be managed if it were identified?
Could be a conflict with instruction in relation to a certainty property or purchaser held on the data base – or more likely the purpose for which the tracker is used
Conflict = when a firm or members impartiality is threatened due to other financial or personal interest in a situation
Management – setting up of information barriers if written client consent provided, or if cannot manage then decline instruction
How long did you hold evidence for?
Files were safely deleted on the system once the purpose of their use had completed as per GDPR guidelines
Also considered integrity and confidentiality
However, a record of these Files were kept for 6 years in accordance with the Limitation Act (1980)
How would you securely delete data?
Delete from files, and ensure this is entirely wiped off the system – checking the recycling bin, and potentially using additionally software such as an eraser system to delete off the drive.
How would you deal with a data breach?
- Contain the breach
- Assess the damage
- Notify those affected
- Investigate the cause
Take steps to further prevent further breaches
Are you aware of any case law in regards to data breaches? What are the fines associated with a data breach?
Halfords, 2022 – fined £30,000 by the ICO, they sent out 500,000 marketing emails about ‘fix your bike scheme without gaining customer’s consent’.
How did you determine any information provided to you was not confidential?
- agent would state if so
- if information was taken online - it would not be confidential as it is publicly available
