Summary Of Experience Data Managment

Question 1

How would you ensure that data held on your property management system was fully accurate?

Answer 1

Input the information directly from the source ie lease and have a secondary surveyor review

Question 2

What rights does the data protection act give?

Answer 2

• what is their data being used for.
• right to request data holds on them.
• request to delete information on an individual

Question 3

When should a firm delete personal data?

Answer 3

As soon as it is no longer required

(No longer than 7 years to keep data)

Question 4

How do you protect the data safe on your systems?

Answer 4

• password protect
• data encryption
• firewalls
• data cloud backup

Question 5

What is the ICO and their role?

Answer 5

Information commission office

Promoting good practice in handling personal data and giving advice and guidance on data protection

Question 6

Difference between tramps and horizon?

Answer 6

Tramps is internal universal system
Horizon is client system

Question 7

Difference between gdpr and data protection act 2018?

Answer 7

GDPR is EU

Data protection supplements GDPR but post brexit is tailored to UK legislation and issues

Question 8

Principles of GDPR

Answer 8

• lawfulness, fairness, transparency
• purpose limitation
• data minimisation
• accuracy
• storage limitation
• integrity and confidentiality
• accountability

Question 9

What do you do if you believe a data breach has taken place?

Answer 9

1. Contain the breach - isolate the system
2. Access the severity of beach
3. Notify the data protection officer internally and ICO needs to be notified within 72 hours
4. Take stricter measures to prevent this in future

Question 10

How you ensure data held on system was fully accurate?

Answer 10

In put directly, checked by a second surveyor.

Accountants can override as they have role based access control if error occurred

Question 11

How can you protect your clients data?

Answer 11

• role based access controls (junior surveyors shouldn’t be able to tamper with clients data)
• password protection (3 phase access qube)
• firms have firewalls
• firm have secondary data base and cloud storage (sharepoint)
• data minimisation (only share amount required and delete when no longer needed)
• data protection plan going forward

Question 12

How should data be collected?

Answer 12

• ethically, legally and responsibly
• make sure it complies with GDPR

(Think of principles)

Question 13

Glory park example, you provided footage of CCTV.

What did you have to take into account?

Answer 13

1. Tenant had to fill in “subject access form”
2. As there was legitimate interest under GDPR, this was viable for them to view
3. CCTV was also sent to police

Question 14

Hemel Hempstead example. How did you store the info regarding the reinstatement clause?

Question 15

Rights under GDPR?

Answer 15

the right to be informed;

the right of access;

the right to rectification;

the right to erasure or restrict processing; and

the right not to be subject to automated decision-making.

Question 16

What does the Limitations act outline?

Answer 16

The Limitation Act 1980 sets out the time limit within which claims must be brought. In the case of data breach claims, this is usually six years from the date of the breach. However, it’s important to note that this time limit may vary depending on the circumstances of your case.

Question 17

Rights?

Answer 17

he right to be informed;
the right of access;
the right to rectification;
the right to erasure