Data Management (Level 2) Flashcards
What are the rights under the Data Protection Act?
Right to Access – Individuals can request access to their personal data.
Right to Rectification – Individuals can correct inaccurate or incomplete data.
Right to Erasure – Also known as the “right to be forgotten,” individuals can request their data be deleted under certain conditions.
Right to Restrict Processing – Individuals can limit how their data is used.
Right to Data Portability – Individuals can obtain their data in a usable format and transfer it to another organization.
Right to Object – Individuals can object to data processing, especially for marketing purposes.
Rights Related to Automated Decision-Making – Individuals can challenge decisions made solely based on automated processing.
How have you obtained data from published sources for use on a project?
I have used Market reports, government databases, and industry publications
How have you obtained data from in house sources?
I have obtained data from in-house sources by reviewing internal reports, historical records, and databases maintained by the company, ensuring accuracy and relevance to the specific project or analysis.
How have you extracted data for inclusion in a database?
By reviewing relevant documents, such as lease agreements, property records, or market reports, and inputting the necessary details into a structured format. I ensure that the data is accurate, consistent, and categorized correctly, adhering to any applicable data protection regulations.
Can you tell me 3 principles of the UK GDPR and Data Protection Act 2018?
Lawfulness, Fairness, and Transparency
Data Minimization: Only the minimum amount of personal data necessary for the specific purpose should be collected and processed.
Accuracy: Personal data must be accurate and kept up to date, with reasonable steps taken to rectify any inaccurate data.
How do you comply with UK GDPR and the Data Protection Act 2018 in your role?
To comply, I ensure that
Personal Data is Collected and Used Lawfully, I only collect the necessary personal data required to perform my tasks and avoid excessive data collection.
Accuracy and Security: I ensure that the data I manage is accurate and up to date, and I take appropriate steps to protect it from unauthorized access or loss.
Data Retention: I follow guidelines to ensure data is only retained for as long as necessary and securely deleted when no longer required.
How have you set up and used paper-based or electronic project filling systems?
I have set up both paper-based and electronic project filing systems by organizing documents in a logical structure, ensuring they are clearly labelled, easy to access, and securely stored in compliance with data protection regulations.
How have you used a computerised central project database?
Ensured that my team have access to the central project database and that it is secure and clearly labelled
How have you inputted and and extracted data from BIM (Building Information Modelling)?
I have inputted and extracted data from BIM by using software tools to update project models with relevant information, such as measurements and specifications, and retrieved data to assess project progress, identify potential issues, and support decision-making throughout the design and construction phases.
How have you retrieved information from a technical library?
How have you set up a technical library?
I have used online books, articles and reports
I have collated these into an online format and labelled this.
What is a pivot table?
Microsoft Excel - summarise and organise data
What is an index map?
An index map is a map that shows a large area in a simple way, helping you find more detailed maps or specific locations within that area.
What are AVMs?
Automated Valuation Models (like ARGUS)
How have you interpreted legal language in relation to property records?
Lease input forms - what have I inputted
How do you ensure good data security?
Use of passwords
Multi Factor Authentication
Firewalls
Regularly updating software
Lease input form, retail unit, Cheapside
Tell me what you would identify as key lease components?
Term
Names of parties involved
Rent reviews/breaks
Security of tenure
Repairing obligations
If there is an issue in data input how can this affect the management
can lead to errors in rent collection, service charge calculations, and reporting, impacting financial accuracy and decision-making.
How do you ensure that data you hold on clients is kept secure and confidential?
Following data protection procedures
Passwords
Multi factor authentication
Firewalls
Encryption
What should you do if there is a data breach?
What are the fines?
Report to the ICO within 72 hours
4% of the global turnover of the company or £17.5 million
Can you give me some examples of the data you manage?
lease details, rent payments, service charge budgets, maintenance records, tenant contact information, and property inspection reports.
Property inspection upload - Office, High Holborn
You advised your client of the cracks. Were they rectified?
Yes, I recommended that a building surveyor looked at the cracks.
They were re pointed soon afterwards
Property inspection upload - Office, High Holborn
If ignored, who’s responsibility would it be if the cracks had an impact on structural integrity?
Landlord
Property inspection upload - Office, High Holborn
If you felt the client was in the wrong how would you manage this
I would provide clear evidence, explain the risks, stay professional, document everything, and escalate if needed
What are the principles of UK GDPR?
Who is responsible?
Data must be processed lawfully, fairly and in a transparent manner
Collected for specified, explicit and legitimate purposes
Data should only be used for the purpose that it is collected for
Data must be accurate and should be kept up to date
Must be processed in a manner that ensures appropriate security of personal data
The data controller is responsible
If you sent personal information accidentally to the wrong email account what would you do?
Try and recall the email
Notify the person who’s data it is as well as the person I sent it to and ask them to ignore and delete it
Notify my line manager
Notify Data Protection Officer
Notify Compliance Officer at my firm
Could notify ICO within 72 hours of Data Breach
What is Helix’s Privacy Policy?
Displayed on website
In line with GDPR
Helix collect personal data, employment details, payment data, KYC documents etc
6 years
Erasure if inaccurate data collected. Object or restrict usage.
Report to ICO within 72 hours of breach
Who is the data controller at Helix?
My firm
I am a data processor
