Data Management Flashcards
What is data management
Process of collecting, collating, storing and protecting data
What are
pricing books used for?
Pricing books contain information on rates, each broken down to labour, material overheads and profit. They will help you to: produce estimates faster; keep your estimates accurate and competitive; run your business more effectively; and save time.
BCIS
Pricing books cover all the major areas of the construction process
Cost and price information is collected, analysed, modelled, interpreted and made available to the industry to facilitate accurate cost planning.
It uses this information to identify trends and forecast inflation indices to adjust pricing to the relevant time/ location.
SPONS
Another range of price estimating books and guides for the construction industry. It can be used for a wide range of project sizes, and provides information on rates, each broken down to labour, material overheads and profit.
How to use inflation indices
Inflation indices/ tender indexation is supplied by various sources including BCIS, SPONS, ONS (RPI & CPI) and is used to adjust pricing based on different market conditions such as time and location. The base cost is from the date pricing is obtained (year & quarter), the appropriate indexation rate can then be found based on the expected date/ location to be achieved. The base cost is then multiplied by the indexation to provide a more accurate estimate.
Legislation relevant to data management
DPA 1998 updated in 2018- the processing of information relating to individuals, including the obtaining, holding, use or disclosure of such information. Everyone responsible for using personal data has to follow strict rules called ‘data protection principles’.
GDPR 2018- The GDPR is an EU regulation and sets out requirements for how organisations need to handle personal data. The DPA 2018 is the UK’s implementation of this.
FOI Act 2000- requirement for public companies in publishing certain data and responding the public requests for information.
How to comply with the General Data Protection Regulations (GDPR)
- People must be told about how their information will be used and who by.
- It must be used fairly and lawful, only for the purposes it was collected
- Must be destroyed when no longer required.
- People have the right to access what data is kept on them
- Companies have an obligation to keep information secure.
Different ways of storing data securely in TfL
Data management/ contract administration systems (use of Asite)- it is a single location where all communication, storage of files/ data can be monitored, uploaded and managed. It is a confidential location where all parties can access and jointly work together. (Tailored to NEC contracts and has functions for Comms, PMI, RFQ, NCE, EWN, etc.)
Sharepoint- can be used on smaller scale projects or alongside Asite and accessed by internal & external people. It allows uploading of documents in a centralised location
Confidential/ password protected folders- TfL only can access but can be used amongst project teams for storage of internal documentation
TfLs policies on GDPR
- TfL use a classification system for all documents/ emails to understand how information should be treated.
- We have yearly training on GDPR
- Have a Privacy and Data Protection team for advice where necessary.
- We include GDPR clauses in all relevant contracts ensuring suppliers responsibilities are aligned with our policies/ GDPR 2018.
- Employment records are held for 7 years after an employee leaves and then destroyed.
- We have forms for people requesting information and must respond within 1 month.
- Any breaches in GDPR must be reported to the Information Commissioners Office within 72 hours.
Public Data Regulations
- Freedom of Information Act 2000
- provides public access to information held by public authorities
- public authorities are obliged to publish certain information about their activities
- members of the public are entitled to request information from public authorities
Information Management processes in TfL
When reporting/ producing VAR for OSR;
- Use the correct template
- Ensure each revision was clearly designated as such
- Use correct status (draft/ final)
- Appropriate title for document (project name & ID, paper type)
- Save with appropriate sensitivity label which was TfL restricted (unclassified, restricted, confidential)
- Save in TfL project team access only shared folder until uploaded into the TfL system for governance approval
7 principles of UK GDPR/ DPA
- Lawfulness and transparency
- Purpose limitation
- Data minimisation
- Accuracy
- Storage limitation
- Integrity & confidentiality
- Accountability
How to comply with DPA 2018?
They must make sure the information is:
- used fairly, lawfully and transparently
- used for specified, explicit purposes
- used in a way that is adequate, relevant and limited to only what is necessary
- accurate and, where necessary, kept up to date
- kept for no longer than is necessary
- handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage
What is the process for dealing with a Freedom of Information request?
- Send all FOI requests to the FOI team who will log and acknowledge request
- The FOI team will send the request to the business area(s), who must provide an initial response within five days
- The FOI team will review information and consider exemption or cost limit requests
- The FOI team will draft a response and if no comments received within 48 hours they will send out the response.
All responses must be provided within 20 working days from receipt of the request in writing.
An extension request can be made if there is concerns over its impact on public interest.
Exemptions may be possible if the cost is above the acceptable limit, or it meets other exemption reasons e.g. repetitiveness, burdensome. Information Commissions Office publishes guidance on this
