Data Management

Question 1

What are the key requirements of Data protection act?

Answer 1

Conduct data protection impact assessment for high risk holding of data.

‘Data accountability’ businesses proving to ICO how they comply with regulations.

Have a ‘controller’ decides how and why personal data is processed and directly responsible for GDPR.

Report breach to ICO in 72 hours

Question 2

Why was GDPR created?

Answer 2

Create a single data protection regime affecting businesses and empower individuals to learn how and why their data is processed by businesses.

Question 3

What are your company’s compliance procedures?

Answer 3

All our data is in a secure filing system, only accessible by password protected computers.
When the information is no longer needed the data is removed

Question 4

What are the key principles of the data protection act?

Answer 4

PALDASI

Purpose limitation
Accountability
Lawfulness
Data minimisation
Accuracy
Storage limitation
Integrity and Confidentiality

Question 5

What are the individual rights of GDPR?

Answer 5

A PEAR PIO

Access
Portability
Erasure
Amend
Restrict process
Informed Consent
Object
Rectification

Question 6

What databases have you used?

Answer 6

CoStar.
Agent Insight.

Question 7

What are the limitations of these databases?

Answer 7

Relies on third party information, need to check the information is correct

Question 8

How do you ensure the information is kept up to date?

Answer 8

Verify data with parties involved in the transaction.

E.g. if unit was u/o, would ask in the future if the sale was completed.

Question 9

What does it mean to be GDPR compliant?

Answer 9

Your business’s processes are in line with GDPR.

Question 10

If you collate information from various sources, how would you store this data to allow for easy analysis?

Answer 10

I would keep in our online filing system on a clearly name file in the appropriate project that it relates to.

Question 11

How can you keep data stored securely?

Answer 11

On a filing system only accessible from our password protected computers.

Question 12

Key Principles of Data Protection Act

Answer 12

Act lawfully
Limit data for purpose
Remove data when finished
Process data securely

Question 13

Data Protection Act Purpose

Answer 13

gives people right to be informed on how their data is processed

Question 14

How long can you store data?

Answer 14

Only as long as it is necessary to do so.
Minimum of six years.

Question 15

How did you provide advice on data security?

Answer 15

Advised that we kept their details on secure propman system.
Advised that lease events were stored securley. Benefit of the secure storage was that we wouldn’t miss lease events.

Question 16

Name another time you recommended data and security? What system?

Answer 16

Propman (Detail propman system, what security it provided and services)

Question 17

How do you comply with UK GDPR when dealing with mailing lists?

Answer 17

Obtain consent from those who are to receive the marketing list.

Question 18

How would you request data from a public body?

Answer 18

You would submit a Freedom of Information request in writing. FOI Act 2000.

Question 19

How do you request your personal information from a public authority?

Answer 19

Subject Access Request

Question 20

How long does an organisation have to respond?

Answer 20

Within 20 working days.

Question 21

What are the exemptions to the freedom of information act?

Answer 21

• Contrary to GDPR requirements
• if it would prejudice a criminal matter under investigation
• Or someone’s personal information.

Question 22

Why was data management storage essential when providing a reliable service?

Answer 22

Propman. Rent collection, RR dates, upcoming lease events

Question 23

How did you verify data against another source

Answer 23

Triangluation. Speaking with other agents to confirm rents.

Question 24

What is Copyright

Answer 24

Set of exclusive rights granted to author or creator of original work.
Form of intellectual property.

Question 25

Who polices the data protection act

Answer 25

The information commissioners office and enforcement

Question 26

What replaced the data protection act 1998

Answer 26

UK GDPR supplemented by the Data Protection Act 2018. Relates to personal data.

Question 27

What are the fines for data breaches

Answer 27

Up to 4% global turnover of the company or up to 20 million euros, whichever is greater. Policed by ICO

Question 28

What is the aim of UK GDPR supplemented by Data Proteciton Act 2018

Answer 28

Aims to create single data protection regime affecting business and empower individuals to take control of how their data is used by 3rd parties

Question 29

What is personal data?

Answer 29

All data from which a living person is identified or identifiable

Question 30

What can you tell me about data security

Answer 30

Relates to preventing breaches Data retention, handling and security CAs, NDA's CDA's

Question 31

How do you ensure reliability of 3rd party information?

Answer 31

Triangulation

Question 32

What is the cloud storage concept?

Answer 32

Refers to storing data on remote servers over the internet allowing access to files and data regardless of location.

Question 33

What is a Copyright

Answer 33

Set of exclusive rights granted to author or creator of any original work, including right to copy. Form of intellectual property. Must acknowledge any copyright for information duplicated in your work.

Question 34

How do you ensure security of data in your company?

Answer 34

Firewalls, encryption, passwords, NDA's

Question 35

What is data retention?

Answer 35

Firms require retention policies for the safe keeping of files

Question 36

What is an NDA?

Answer 36

Non disclosure agreement. Legally enforceable contract between 2 parties. Agreement creates confidential relationship between a person with the information and one who has access to it.