Data Management - Level 3 Flashcards

1
Q

What is GDPR?

A

General Data Protection Regulations (2016) effective May 2018

It aims to create a single data protection regime for the EU.

2
Q

How is data protection legislated in the UK?

A

UK GDPR 2020

Data Protection Act 2018 implemented GDPR (2016)

Replaced DPA Act 1998

3
Q

What are the principles under the Data Protection Act 2018?

A

Used lawfully, fairly and transparently
Collected for specified and legitimate purposes
Accurate
Retained for no longer than is necessary
Processed securely including the protection against unlawful use, loss or destruction.

4
Q

What are the 8 individual rights under GDPR?

A

Informed
Access
Rectification
Erasure
Restrict Processing
Data Portability (their own use)
Object
Automated Decision Making and Profiling (Insurance companies)

5
Q

Who are the key persons outlined within GDPR?

A

Controller - Determine the purposes and means of the processing of personal data. (Employer)

Processor - Processes personal data on behalf of the controller. (Call centre)

Data Protection Officer - Oversees the data protection approach, strategy and its implementation. Leadership role required by GDPR (2016).

6
Q

What are some changes brought about by GDPR?

A

Data Controller responsible for GDPR

Individuals can request what personal data is held and request it is deleted

7
Q

Who is GDPR policed by?

A

Information Commissioners Office (ISO)

8
Q

What do you know about forthcoming data legislation?

A

On 8 March 2023, the Government published the Data Protection and Digital Information Bill (2nd).

The new Bill looks to reform the current UK data protection framework, comprising UK GDPR, the DPA 2018 and the Privacy and Electronic Communications Regulations 2003.

Intended to make data protection legislation simpler for businesses to understand and implement.

9
Q

What is the Freedom of Information Act 2000?

A

Primary piece of UK legislation controlling the access to official information

Allows an individual to request access to information held by a public body.

10
Q

What are the timescales for requesting information under the Freedom of Information Act 2000?

A

20 working days in the requested format
A fee may be charged

11
Q

What is personal data?

A

Under GDPR, personal data is any information which is related to an identified or identifiable natural person.

12
Q

What is a non-disclosure agreement?

A

NDAs are used to protect against the disclosure or sharing of any confidential data.

13
Q

What is a subject access request?

A

SAR - demand that the individual be given all information that a company holds on them.

14
Q

What is copyright?

A

A set of exclusive rights granted to the author or creator of any original work, including the right to copy which can be licensed, assigned or transferred.

15
Q

What is meant by confidentiality?

A

Where information is provided, but is subject to confidence and not shared without permission.

16
Q

What is Meta Data and why is this important?

A

Meta Data is information about a specific piece of data, e.g., file size, author, date a document was created
It is important as we must ensure that Meta Data is afforded the same level of care as all other confidential data.

16
Q

What are the benefits of cloud based storage systems?

A

Information is backed up securely on encrypted servers.
Accessibility can be managed via online settings.
Often cheaper than costs of physically storing and managing files.
Convenient to send/share files online
More environmentally friendly
Multiple users can access the same documents
Documents and folder systems can be synchronized

17
Q

What different sources of information do you use in your day to day work?

A
18
Q

How do you manage these sources of information to ensure compliance with the legislation?

A
19
Q

How does your firm ensure compliance with Data Protection Act 2018?

A
20
Q

What data is held in your office?

A
21
Q

What do you need to do if you have a data breach?

A

Notify the Information Commissioner's Office (ICO) within 72 hours of the breach occurring

22
Q

What are the fines for non-compliance with GDPR?

A

Up to 4% of global turnover or 20 million euros (whichever is greater)

23
Q

Describe a time you have used property records to communicate complex, reasoned advice?

24
Q

What is some best practice to employ in managing data?

25
Q

What are the main aims of the Equality Act 2010?

A

The Equality Duty has three aims. It requires public bodies to have due regard to the need to:

1 - eliminate unlawful discrimination, harassment, victimisation and any other conduct prohibited by the Act;

2 - advance equality of opportunity between people who share a protected characteristic and people who do not share it;

3 - foster good relations between people who share a protected characteristic and people who do not share it.

26
Q

What act implemented the GDPR in the UK?

A

Data Protection Act (2018) which replaced the Data Protection Act 1988

27
Q

What are the principles of the Data Protection Act 2018?

A

Processed lawfully, fairly and in a transparent manner
Collected for a specified and legitimate purpose
Accurate
Not transferred to countries with less information than your own

28
Q

What are the individual rights under GDPR?

A

There are 8:
Information
Access
Rectification
Erasure
Restrict Processing
Data Portability
Object
Automated decision making

29
Q

What are the principles of GDPR?

A

There are 7:
Lawfulness, fairness and transparency
Purpose of limitation - be specific about the purpose of the data collection
Data minimisation - only collect it when you need it
Accuracy
Storage limitations - store data for a necessary limited period and then erase
Integrity and confidentiality - keep it secure
Accountability - record and prove compliance

30
Q

What is your understanding of the term confidentiality?

A

Where information is provided but is subject to confidence and not shared without permission

31
Q

What is your understanding of Intellectual Property and Copyright?

A

This is the right to control the use and ownership of original works.
Work generally created by an employee usually belongs to their employer unless copyrights are put in place.

32
Q

What is the Freedom of Information Act 2005?

A

Primary piece of UK legislation that controls the access to official information.
The act permits the public right of access to information held by public authorities.
Information must be published through the public authorities publication scheme.
The act covers all information held and not just information since the act came into effect

33
Q

What is data?

A

Information - especially facts or numbers, collected to be examined and considered and used to help decision making

34
Q

What data do you use to make decisions?

A

Local rental data
Valuation data
Location data
Measurement data

35
Q

What is the purpose of the information Act?

A

The fair and proper use of people's personal data

36
Q

How do you keep data secure?

A

Encryption
Firewalls
Don’t connect to open wifi
Passwords changed every 30 days
Not leaving devices in open car/ on desk etc

37
Q

What is the freedom of information act?

A

A piece of legislation that grants public access to documents or other data in the possession of a government agency or public authority

38
Q

What are the public bodies?

A

Local authority
Council
HMRC
NHS
Police
Schools

39
Q

Basic principles of FOI legislation

A

Maximum disclosure
Publish Key Information
Promote open government
Exceptions narrowly drawn
Processes rapidly and fairly
Minimum costs

40
Q

What does it mean by maximum disclosure?

A

Shouldn’t be holding back things that should be shared with you unless there is good reason

41
Q

What does it mean by publish key information?

A

Public bodies should be under an obligation to publish key information.

42
Q

What does it mean by promote open government?

A

Public bodies must actively promote open government - democracy

43
Q

What does it mean by exceptions narrowly drawn?

A

Should be narrowly drawn as to avoid including material which does not harm the legitimate interest.

44
Q

What does it mean by processed rapidly and fairly?

A

Requests should be dealt with promptly and should be treated equally and there should be an independent review of refusals

45
Q

What does it mean by minimum costs?

A

Individuals should not be deterred from making requests for information by excessive costs.

46
Q

Name your main sources of data?

A

Historic England
Land registry
EGI
Rightmove
EPC
Council tax
Business rates
Inspections
Tenants
Landlords

47
Q

What is your favourite professional standard?

A

RICS Red book global standards

48
Q

Who makes the final decision if you act for the client or not?

A

Me - if I don’t feel confident then I will not act for the client.

49
Q

What are rules of conduct?

A

These rules set out the standards of professional conduct and practice expected of members and firms registered for regulation by RICS

50
Q

What are international standards?

A

High level standard developed in collaboration with other relevant bodies

51
Q

What are professional statements?

A

Mandatory requirements for RICS members and regulated firms.

52
Q

What are guidance notes?

A

A document that provides users with recommendations or an approach for accepted good practice as followed by competent and conscientious practitioners

53
Q

What are codes of practice?

A

A document developed in collaboration with other professional bodies and stakeholders that will have the status of a professional statement or guidance notes

54
Q

What are Jurisdiction guides?

A

This provides relevant local market information associated with an RICS international standard or RICS professional statement. This is not guidance or best practice material, but rather information to support adoption and implementation of the standard or statement locally

55
Q

What software and other systems do you use?

A

One drive
Central database
The hub
Share point
Word
Excel

56
Q

How/where do you store data within your organisation?

A

Computer
Phone
Office - drawers

57
Q

How long should data be retained for?

A

As long as it is necessary
7-10 years for Vickery Holman depending on