Data Management

Question 1

297. How long do you need to keep data for?

Answer 1

• 6 years if a contract is signed underhand
• 12 years if the contract is signed as a deed
• RICS recommends up to 15 years, this is the limitation period for most legal claims

Question 2

298. What kind of data systems do you use in your organisation?

Answer 2

• Shared network drives and servers
• Sharepoint & one drive
• Microsoft teams
• Project specific project management systems such as fastdraft, Asite and project wise.

Question 3

299. What is a project extranet system?

Answer 3

A computer system that allows external parties to view project files on a secure platform
Key advantages
* Improve communication
* 24 hour access
* Efficient
* Secure
Key disadvantages
* Can be expensive
* Requires maintenance
* May require user training to operate

Question 4

300. What are the benefits of cloud based storage?

Answer 4

• Easy access anywhere in the world
• Secure/password protected
• Low set up cost
• Teams can work in real time
• Access control/restrictions available for confidential files and folders

Question 5

301. What sources of pricing data are available?

Answer 5

• BCIS
• Pricing books such as SPONS
• Benchmarking
• In house records and data bases

Question 6

302. What are pricing books?

Answer 6

• Pricing books cover all the main areas of the construction process from dilapidations, maintenance works and new builds on both large and small projects.
• Assists with estimating and valuing works and variations

Question 7

303. What is the BCIS

Answer 7

• Business Cost Information Service – Owned by the RICS
• Provides cost and price date for the UK construction industry. The data will help to produce specific estimates for options appraisals, provide early cost advice and plan cost and benchmarks

Question 8

304. What is the data protection act 2018?

Answer 8

• Controls how your personal information is used by organisations.
• This is the UKs implementation of the General Data Protection Regulations which is European legislation.

Question 9

305. What is GDPR?

Answer 9

General Data Protection Regulations is an EU law on data protection and privacy in the EU and European Economic Area. It also addresses the transfer of personal data outside of the EU and EEA areas.

Question 10

306. What is the purpose of GDPR?

Answer 10

• Designed to harmonised data privacy laws across all of its member countries as well as provide grated protection and rights to individuals.
• Also created to alter how businesses and other organisations can handle information of those that interact with them. There is potential for large fines and reputational damage for those found in breach of the rules.

Question 11

307. Who are the key persons outlined in GDPR?

Answer 11

authorities
1. Data Controller – Person that decides how and why to collect and use the data. The controller must make sure the processing of that data complies with data protection law
2. Data processor – A separate who processes data on behalf of the controller and in accordance with their instructions
3. Data subject – Individual who personal data is about
4. Data protection officer – Is a guarantor of compliance with the data protection regulations, without replacing the functions carried out by the supervisory

Question 12

308. What constitutes personal data

Answer 12

• Any information related to a natural person or “data subject”, that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, post on social networking websites, medical information or computer IP addresses.
• The legalisation applies not only to electronic data but records that are stored in a form that can easily be searchable.

Question 13

309. What is the difference between a data processer and data controller?

Answer 13

A controller is the person who determines the purposes conditions and means of the processing of personal data, while the processor is a person which processes personal data on behalf of the controller.

Question 14

310. What are the 7 key principals of GDPR?

Answer 14

1. Lawfulness, fairness and transparency
2. Purpose limitation
3. Data minimisation
4. Accuracy
5. Storage limitation
6. Integrity and confidentiality (security)
7. Accountability

Question 15

311. What are the 8 individual rights under GDPR?

Answer 15

1. To be informed
2. To access
3. To rectification
4. To erasure
5. To restrict processing
6. To data portability
7. To object
8. To automated decision making and profiling

Question 16

312. Who enforces GDPR?
     The information commissioner`s office

Question 17

313. What is the Freedom of Information Act 2000

Answer 17

• The Freedom of Information Act 2000 provides public access to information held by public authorities
• It does this in two ways:
  o Public authorities are obliged to publish certain information about their activities
  o And members of the public are entitled to request information from public authorities

Question 18

314. If you intend to destroy a document what should you consider beforehand?

Answer 18

• Is the document an original contract or legal document
• Could the document be required to litigation or other proceedings
• Does the document relate to a live project
• Is a back up copy available

Question 19

315. What measures could be taken to protect commercially sensitive information?
     * Have an non-disclosure agreement or NDA in place
     * Physical separation of staff
     * Security of stored documentation, including locked filing cabinets and password protected servers

Question 20

316. Are there anyways that we can protect data when sending on a clients behalf?

Answer 20

• Encryption and password locking
• Recorded or special delivery
• Make it as confidential
• Using secure networks and software

Question 21

317. What is an information barrier?

Answer 21

A physical or electronic separation of individuals of the same firm. The aim is to protect confidential information.