Data Man L2 Transaction Analysis, Offices Flashcards
(12 cards)
What steps did you take to ensure secure storage of transaction data?
I stored the data on my company’s Microsoft SharePoint where only my team have authorised access to the document.
The document is also password protected.
I ensured that sensitive information was not shared outside the team, maintaining strict confidentiality.
I followed my firm’s GDPR policies to prevent unauthorised access or data breaches.
I ensure to lock my computer when I leave my desk and I follow the clear desk policy.
Who had access to the transaction database, and how was access controlled?
Only my team members had access, controlled through password protection and user permissions.
How do you handle sensitive transaction data when external parties request access?
I never disclosed confidential transaction details without senior approval and client consent.
If required, I would provide market-level summaries rather than specific deal information.
I ensured that all shared data was in line with RICS confidentiality guidelines.
How did maintaining a transaction database benefit your team’s decision-making?
It allowed the team to track market trends and benchmark deals against competitors.
It provided quick access to rental evidence for negotiations and client reporting.
It enabled senior colleagues to identify emerging trends in occupier demand.
Have you ever identified a data discrepancy in the transaction records? How did you resolve it?
Yes, I once noticed a discrepancy between a reported lease term and the agent’s record.
I resolved it by checking lease documents and confirming with the leasing agent before updating the database.
What is a data breach?
A data breach occurs when personal data is lost, accessed, disclosed, altered, or destroyed without authorisation. This can happen due to cyberattacks, human error, or system failures.
How are data breaches treated?
Identify and contain the breach, asses the risk - determine the type of data involved and the potential harm to individuals
Report to the ICO (Information Commissioner’s Office - via online reporting system), if the breach poses a risk to people’s rights and freedoms, it must be recorded within 72 hours. If there’s no significant risk, it does not have to be reported by still be recorded internally.
Who policies the Data Protection Act 2018?
Information Commissioners Office (ICO)
How does your company deals with confidential data if its in databases, If everyone can access
Access Controls - Use Team based access controls
Multi-Factor Authentication for added security
How long should you keep files for?
In line with RICS guidance and regulatory expectations, I ensure that client files and valuation records are retained for a minimum of six years, with longer retention for documents executed as deeds or involving legal risks.
What is the function of the UK GDPR Regulations?
The UK GDPR (General Data Protection Regulation) is a legal framework that governs how personal data is collected, processed, stored, and shared in the UK.
It replaced the EU GDPR after Brexit and is supplemented by the Data Protection Act 2018.
Can you tell me some of the rights under the UK GDPR regulation?
Under UK GDPR, individuals have several rights over their personal data, which businesses, including property firms, must respect. Some rights include:
1. Right to be Informed - Individuals must be told how their data is collected, used and stored.
2. Right to Access - Individuals can request a copy of their personal data
3. Right to Rectification - Individuals can request corrections to inaccurate or incomplete data
4. Right to Erasure - Individuals can request deletion of their data in certain cases (e.g. if no longer necessary or consent is withdrawn)
