Data Management

Question 1

What events might you put in a diary to remind you?

Answer 1

Lease expiries
Breaks
Rent reviews
Rent steps

Question 2

What types of data security is there?

Answer 2

Disk encyption
Regular off site back ups
Password protection
Anti virus software

Question 3

What governs data protection

Answer 3

General Data Protection Regulation
Data Protection Act 2018

Question 4

What does GDPR stand for?

Answer 4

General Data Protection Regulation

Question 5

What is the aim of GDPR

Answer 5

It aims to protect individuals data and its use with businesses

Question 6

What are the 8 individual rights of UK GDPR

Answer 6

Rights to:
be Informed
have access
Rectification
Restrict processing
dat portability
object
erasure
automated decision making/profiling

Question 7

How do you verify your data

Answer 7

I use a triangulation method, for example I would compare the manual TS with the TS on our MRI system and also compare these to the lease.

Question 8

What is the difference between GDPR and Data Protection act 2018

Answer 8

the DPA applies only to companies that control the processsing of data. GDPR extended the law to those companies that process personal data on behalf of controllers. For example, if a tenant gives our solicitors their details they would be liable under DPA but because the solicitors then pass me the lease the solicitor and Savills/me would be liable under GDPR

Question 9

What are the GDPR fines?

Answer 9

GDPR = 4% global turnover or 17.5m which ever is higher
Under DPA it was £500,000 but it was felt this was not enough for large international companies

Question 10

What is the Data Protection Act 2018

Answer 10

It is the UK’s implementation of the General Data Protection Regulation that was brought in after we left the EU.

Question 11

What are the data protection principles

Answer 11

Used fairly, lawfully and transparently
Used for specified explicit purposes
kept no longer than necessary
accurate and up to date

Question 12

What are your rights under the Data Protection Act 2018

Answer 12

To know how your info is being used
access personal data
have incorrect data updated
have data erased
stop or restrict processing of personal data

Question 13

If you have a request for what data is held how long until you respond

Answer 13

no more than a month

Question 14

Where should data breaches be reported to

Answer 14

Information Commissioners Office within 72 hours where there is a loss of data and risk of harm

Question 15

How do Savills store data

Answer 15

Within my team we have a file system and a number of internal systems which are encrypted and only accessed through permissions and password protection

Question 16

What is the freedom of information Act 2000

Answer 16

Gives right of access held by public bodies
The public body must tell individual whether it holds their info
They are required to supply within 20 working days
It can charge for the provision of the information

Question 17

What are the Freedom of Information Act 2000 exemptions

Answer 17

It is in contrary to the GDPR requirements
It would prejudice a criminal matter under investigation

Question 18

What is a public body

Answer 18

a formally established organisation that is publicly funded to deliver a public or government service

Question 19

How can data security be improved

Answer 19

Firewalls
encyption
passwords

Question 20

What is a NDA?

Answer 20

Non disclosure agreement - is where one party agrees to not reveal confidential information

Question 21

What should an NDA include

Answer 21

ID of parties
definitions (different types of info covered)
Obligations (what happens if shared)
Time frame
Exclusions
Remidies - what happens if breached

Question 22

What is the proposed professional statement

Answer 22

Professional Statement on Data Handling and Prevention of Cybercrime

Question 23

What is the proposed Professional Statement on Data Handling and Prevention of Cybercrime for?

Answer 23

To cover best practice and mandatory obligations.
To address how surveyors capture, store and share data
Likely to mandate policies, practices and training for all regulated firms and members