Data Management Level 2

Question 1

Why is detailed file naming, dating, clients and job location necessary?

Answer 1

• Easy identification
• Prevents duplication of data
• Allows classified information to be known

Question 2

When would you not need to password protect a file?

Answer 2

• Confidential information
• Information barrier following CoI
• No editing

Question 3

What was your External inspection app?

Answer 3

TOUR

Question 4

What is the purpose of the internal inspection app?

Answer 4

Loan security purposes

Question 5

What are the pros of the app?

Answer 5

• Easy to use
• All information is in one place
• Easily replicated
• Photo feature
• Emails proforma
• Covers all aspects of property

Question 6

What data does the app collect?

Answer 6

• Construction type
• no. rooms
• specification
• amenity provisions
• room sizes
• solar panels?
• car parking spaces etc

Question 7

Why is it important to collect this data from the inspections tool?

Answer 7

Helps to provide an opinion of value
Ensures repeat of inspection is done on a like for like basis

Question 8

How is the proforma saved?

Answer 8

In the app
Only the creator has access to the property thye set up
- proforma is emailed in an excel format
- I save in an inspections folder

Question 9

Who has access to the inspections folder?

Answer 9

Anyone who is working on that valuation - in the property folder

Question 10

What is the importance of the data collection with the inspections tool?

Answer 10

helps to inform opinion of value

Question 11

What were the cons of the app?

Answer 11

• Bug glitches
• Set up for all asset classes so lots of blanks
• Need a charged mobile

Question 12

What was your second level 2 example?

Answer 12

PBSA Investment Tracker

Question 13

Where did you gather the evidence from?

Answer 13

• Agents
• Clients
• Online sources
• Email alerts
• Hearsay

Question 14

How did you validify the results with tracker information?

Answer 14

• Confirmed information with agents
• Always provided the source

Question 15

Why did you collect in excel format?

Answer 15

• Prolific in excel
• Easy to present data
• Easy to share
• Can be updated and edited easily

Question 16

Why did you ensure the tracker was updated regularly?

Answer 16

• Validity of data
• Accurate data
• Improved service to clients
  ensure our data is reliable

Question 17

Why did you use Microsoft teams site?

Answer 17

• Excel used as I was competent in it
• it can be locked for editing to ensure no one modifies the data
• Good system for presenting and analysing data.
  Multiple people can view at one time
  Only I had access controls to edit the data
• Can generally only be accessed by one person at a time.
• Weakness is that it can be difficult to distribute

Question 18

Why did you need to have authorised access?

Answer 18

• Confidential data
• Only for PBSA valuations/Cap markets

Question 19

Why did you have automated emails?

Answer 19

To receive most up to date information

Question 20

How important is it to ensure strict data control?

Answer 20

• Legal compliance (GDPR)
  Article 5(1) Principals of UK GDPR
• Trust – data breaches can erode trust
• Prevent financial loss
• Protection – sensitive data
• Types of data security technologies

Question 21

How did you stick to UK GDPR with the Investment tracker?

Answer 21

In line with the 8 principals of GDPR
Lawfully
* Correct data presents
* Confidential where necessary
Accurate and Relevant
* Verified information
* Labelled sources
* Updated regularly
* Only relevant PBSA details
Security
* Restricted access
* Kept securely

Question 22

how did you ensure the tracker data was valid?

Answer 22

• ensure to try and clarify any online data received from online with the agents
• ensure to note the source
• add a comment to highlight any hearsay evidence

Question 23

What was the purpose of the tracker?

Answer 23

Allow us to monitor market dynamics and therefore provide reasoned, well-researched advice

Question 24

Were you ever asked to distribute the data base further? How would you limit data spills from this?

Answer 24

Yes, but I did not as the necessary conflict checks had not been undertaken.
Ensured that the file was saved on a secure departmental only file and was password protected for external users.

Question 25

What information is held on the tracker?

Answer 25

• Property description – no. beds
• Type of transaction ie Investment, FF
• Purchase price
• Yield
• Purchaser and Vendor
• Source

Question 26

Did you provide the source of informaiton?

Answer 26

Yes - to ensure that people knew where it was from and if it had been verified by agents

Question 27

What is the importance of confirming data?

Answer 27

Ensure accuracy as per GDPR principles – otherwise potentially basing advice off inaccurate information

Question 28

How did you ensure it was only accessible to the department?

Answer 28

• Only people in the department have access to these files
• All files are stored on my firms’ internal network which requires a double password to gain access. Each client’s file is named and dated

Question 29

What potential conflicts could there be? What is a conflict? How would a conflict be managed if it were identified?

Answer 29

Could be a conflict with instruction in relation to a certainty property or purchaser held on the data base – or more likely the purpose for which the tracker is used
Conflict = when a firm or members impartiality is threatened due to other financial or personal interest in a situation
Management – setting up of information barriers if written client consent provided, or if cannot manage then decline instruction

Question 30

How long did you hold evidence for?

Answer 30

Files were safely deleted on the system once the purpose of their use had completed as per GDPR guidelines
Also considered integrity and confidentiality
However, a record of these Files were kept for 6 years in accordance with the Limitation Act (1980)

Question 31

How would you securely delete data?

Answer 31

Delete from files, and ensure this is entirely wiped off the system – checking the recycling bin, and potentially using additionally software such as an eraser system to delete off the drive.

Question 32

How would you deal with a data breach?

Answer 32

• Contain the breach
• Assess the damage
• Notify those affected
• Investigate the cause
  Take steps to further prevent further breaches

Question 33

Are you aware of any case law in regards to data breaches? What are the fines associated with a data breach?

Answer 33

Halfords, 2022 – fined £30,000 by the ICO, they sent out 500,000 marketing emails about ‘fix your bike scheme without gaining customer’s consent’.

Question 34

How did you determine any information provided to you was not confidential?

Answer 34

• agent would state if so
• if information was taken online - it would not be confidential as it is publicly available