M - Data Management

Question 1

Why is data management important?

Answer 1

• Increases efficiency and productivity
• Less likely to breach GDPR
• Enhanced security

Question 2

Parties in GDPR

Answer 2

Data Controller - Decides how and why to collect and use data. Makes sure the processing of data complies with data protection law
Data Processor - Processes data on behalf of controller
Data Subject - individual whom data is about
Data Protection Officer - Guarantor of compliance with the data protection regulations

Question 3

Legislations surrounding data management

Answer 3

• The Data Protection Act 2018 (GDPR)
• Freedom Of Information Act 2000

Question 4

Can you name some sources of cost data

Answer 4

• BCIS
• In-house
• Tender returns
• SPONS
• Market testing

Question 5

What is GDPR?

Answer 5

General Data Protection Regulation
Regulation in EU law on data protection and privacy

Question 6

Benefits of cloud based storage systems

Answer 6

• Information is backed up securely on encrypted services
• Accessibility can be manage via online settings
• Usually cheaper than physical storage
• Environmentally friendly

Question 7

If 2 separate teams in RLB were working for 2 rival companies how would you ensure sensitive client data was managed

Answer 7

• Make client aware
• Letter of instruction to continue
• Exclusivity of Staff
• NDA’s separate working locations
• Limit access to material to authorised staff

Question 8

What things must companies put in place to ensure GDPR compliance

Answer 8

Raise awareness across business
Audit personal data,
Update your privacy notice,

Question 9

What are the 7 principles of GDPR?

Answer 9

• Lawfulness, fairness and transparency
• Accuracy
• Storage limitation
• Confidentiality
• Accountability
• Purpose limitation
• Data minimisation

Question 10

What are the penalties for breach of GDPR regulations?

Answer 10

Fines up to £17.5 million or 4% of annual global turnover

Question 11

Why is GDPR required

Answer 11

Data Protection Act 2018

Question 12

Sources of information used in role

Answer 12

• RICS Guidance Notes
• Contract Documents
• Previous Tenders
• Cost Plans
• Benchmark Data such as BCIS, SPONS, Laxtons
• Industry Journals
• Quotations and contractor information

Question 13

Persons rights under Data Protection Act (individual rights)

Answer 13

• To rectify
• To access
• To data portability
• To be informed
• To object
• To erasure
• To restrict processing
• To automated decision making & profiling

Question 14

Non-disclosure agreement

Answer 14

Protection against sharing or disclosure of any confidential information covered under the NDA.

Question 15

How long to keep data for?

Answer 15

6 years - Signed Underhand
12 years - Signed as a Deed

Question 16

Freedom of Information Act 2000

Answer 16

Provides public access to information held by public authorities
Two ways:
- Public authorities obliged to publish certain info about their activities
- Public entitled to request information from public authorities

Question 17

Data Protection Act 2018 Key Principles

Answer 17

Ensures data is used:
- Fairly, lawfully and transparently
- Used adequately relevant and limited to the purpose which it is intended.
- Is retained for no longer than is necessary
- Processed securely including the protection against unlawful use, loss or destruction.

Question 18

Data Protection Act 2018

Answer 18

Control how personal info is used by organisations, businesses or government
UK’s implementation of GDPR