M8. DATA MANAGEMENT

Question 1

What is your understanding of the term Confidentiality?

Answer 1

• Where information is provided but is subject to confidence and not shared without permission.

Question 2

What is your understanding of the term Meta Data and why is this important?

Answer 2

• Meta Data is information about a specific piece of data.
• For example when sharing a cost planning document, the Meta Data associated with this could consist of information about the author, the file size, the date the document was created and keywords to describe the document.

Question 3

What is your understanding of Intellectual Property and Copyright?

Answer 3

• This is the right to control the use and ownership of original works.
• It is common within construction for a client to be granted license for use and reproduction of copyright material which should be clearly defined.

Question 4

What is the Freedom of Information Act 2005?

Answer 4

• The primary piece of UK legislation that controls the access to official information.
• The act permits the public right of access to information held by public authorities.
• Information must also be published through the public authorities publication scheme.
• The act covers all information held and not just information since the act came into effect.

Question 5

What are the benefits of cloud-based storage systems?

Answer 5

• Information is backed up securely on encrypted servers.
• Ease of access (location, multiple users).

Question 6

What is the meaning of a non-disclosure agreement?

Answer 6

• Non-disclosure agreements are used to protect against the disclosure or sharing of any confidential data.

Question 7

If two separate departments within your firm were working for two rival companies how would you ensure client sensitive data was managed?

Answer 7

• I would make the client aware of the risks involved and check their understanding of the conflict of interest.
• I would ensure a letter of instruction to continue was obtained from the client.
• Exclusivity of staff would be arranged.
• The use of non-disclosure agreements would be considered.
• Separate working locations from each of the teams would need to be put in place.
• Secure document and data storage would be arranged to be used exclusively for the separate teams.

Question 8

What is the Data Protection Act 2018?

Answer 8

• The act manages how personal data is used by organisations and the government.
• It is the UK legislation for the implementation of the EU General Data Protection Regulations (GDPR).

Question 9

What are the key Principles of the Data Protection Act 2018?

Answer 9

• The act ensures that data is:-
  o Used fairly, lawfully and transparently.
  o Used in a way that is adequate, relevant and limited to only the purpose it is intended.
  o Is retained for no longer than is necessary.
  o Processed securely including the protection against unlawful use, loss or destruction.

Question 10

Who are the key persons outlined within GDPR?

Answer 10

• Controller
  o The person or legal entity that determines the purposes and means of the processing of personal data for example when processing an employee’s personal data, the employer is considered to be the controller.
• Processor
  o The person or legal entity that processes personal data on behalf of the controller for example a call centre acting on behalf of its client is considered to be a processor.
• Data Protection Officer (DPO)
  o The DPO is a leadership role required by EU GDPR. This role exists within
  companies that process the personal data of EU citizens. A DPO is responsible for overseeing the data protection approach, strategy, and its implementation.

Question 11

What are the 8 individual rights under GDPR?

Answer 11

• To be informed.
• To access.
• To rectification.
• To erasure.
• To restrict processing.
• To data portability.
• To object.
• To automated decision making and profiling.

Question 12

What different sources of information do you use in your day-to-day surveying?

Answer 12

• RICS Guidance Notes.
• Contract Documentation.
• Previous Tenders.
• Cost Plans.
• Valuation data.
• Industry Journals.
• Specialist sub-contractor information.

Question 13

How do you manage sources of data/information to ensure compliance with legislation?

Answer 13

• lockable and secure document storage.
• encrypted servers.
• lock my computer when away from my desk
• update passwords regularly

Question 14

How do companies ensure compliance with the Data Protection legislation generally?

Answer 14

• They should only retain data they need to perform their day-to-day operations.
• They should hold the data securely.
• If they are retaining someone’s data they should ensure the person is kept informed and advised on why they have it.
• They should also keep the information up to date and delete information they no longer need.

Question 15

What is your understanding of the term ‘Data Management’?

Answer 15

The collecting, storing and using of data.

Question 16

How long must you keep data for?

Answer 16

• Typically 6 years if contract signed underhand
• Typically 12 years if contract signed as a deed
• RICS recommends 15 years as this is the limitation period for most claims.