Data Management L2

Question 1

What is your understanding of the term Confidentiality?

Answer 1

Where information is provided but is subject to confidence and not shared without permission.

Question 2

What is your understanding of the term Meta Data and why is this
important?

Answer 2

• Meta Data is information about a specific piece of data.
• For example when sharing a cost planning document, the Meta Data associated with this could consist
  of information about the author, the file size, the date the document was created and keywords to
  describe the document.
• We must ensure that this Meta Data is afforded the same level of care as all other confidential data.
• In a scenario where we are sharing a document or removing confidential components of a document
  we should ensure that any confidential meta data is not shared inadvertently.

Question 3

What is your understanding of Intellectual Property and Copyright?

Answer 3

• This is the right to control the use and ownership of original works.
• Work generally created by an employee usually belongs to their employer unless copyrights are put in
  place.
• It is common within construction for a client to be granted license for use and reproduction of
  copyright material which should be clearly defined.
• This could be the right to use a particular design by a subcontracting specialist who retains control of
  the original copyright.

Question 4

What is the Freedom of Information Act 2005?

Answer 4

This is the primary piece of UK legislation that controls the access to official information.
* The act permits the public right of access to information held by public authorities.
* Information must also be published through the public authorities publication scheme.
* The act covers all information held and not just information since the act came into effect.

Question 5

What are the benefits of cloud-based storage systems?

Answer 5

• Information is backed up securely on encrypted servers.
• Accessibility can be managed via online settings.
• Cloud systems are often cheaper than the costs of physically storing and managing files.
• It is convenient to send and share files online instead of mailing physical copies.
• Cloud systems are environmentally friendly.
• Multiple users can access the same documents.
• Documents and folder systems can be synchronized.

Question 6

What is the meaning of a non-disclosure agreement?

Answer 6

• Non-disclosure agreements are used to protect against the disclosure or sharing of any confidential
  data.
• Prior to the confidential data being share with a recipient, clients will typically request that the recipient
  signs up to an NDA.
• They are often used when confidential, sensitive, innovative or intellectual property information is
  being shared to prevent this information being used by competitors.

Question 7

If two separate departments within your firm were working for two
rival companies how would you ensure client sensitive data was
managed?

Answer 7

• I would make the client aware of the risks involved and check their understanding of the conflict of
  interest.
• I would ensure a letter of instruction to continue was obtained from the client.
• Exclusivity of staff would be arranged.
• The use of non-disclosure agreements would be considered.
• Separate working locations from each of the teams would need to be put in place.
• Secure document and data storage would be arranged to be used exclusively for the separate teams

Question 8

What is the Data Protection Act 2018?

Answer 8

• The act replaces previous 1998 legislation and manages how personal data is processed by organisations
  and the government.
• It is the UK legislation for the implementation of the EU General Data Protection Regulations
  (GDPR).

Question 9

What are the key Principles of the Data Protection Act 2018?

Answer 9

• The act ensures that data is:-
  o Used fairly, lawfully and transparently.
  o Used in a way that is adequate, relevant and limited to only the purpose it is intended.
  o Is retained for no longer than is necessary.
  o Processed securely including the protection against unlawful use, loss or destruction.

Question 10

What are a person’s rights under the Data Protection Act?

Answer 10

• People have the right to:-
  o To be informed about how their data is being used.
  o The right to access their data.
  o The right to have incorrect information updated.
  o To have their data erased.
  o To stop or restrict the processing of their data.
  o The right of portability.
  o To object to the use of their data.

Question 11

Who are the key persons outlined within GDPR?

Answer 11

• Controller
  o The controller is the natural person or legal entity that determines the purposes and means of
  the processing of personal data for example when processing an employee’s personal data, the
  employer is considered to be the controller.
• Processor
  o A natural person or legal entity that processes personal data on behalf of the controller for
  example a call centre acting on behalf of its client is considered to be a processor.
• Data Protection Officer (DPO)
  o The Data Protection Officer is a leadership role required by EU GDPR. This role exists within
  companies that process the personal data of EU citizens. A DPO is responsible for overseeing
  the data protection approach, strategy, and its implementation.

Question 12

What are the 8 individual rights under GDPR?

Answer 12

The right to be informed.
* The right of access.
* The right of rectification.
* The right to erasure.
* The right to restrict processing.
* The right to data portability.
* The right to object.
* Rights of automated decision making and profiling.
* Diversity, Inclusion & Team Working.

Question 13

What different sources of information do you use in your day-to-day
surveying?

Answer 13

• RICS Guidance Notes.
• Contract Documentation.
• Previous Tenders.
• Cost Plans.
• Valuation data.
• Industry Journals.
• Specialist sub-contractor information

Question 14

How do you manage these sources of information to ensure
compliance with the legislation?

Answer 14

• If signed up to an NDA with a client I ensure complete confidentiality and am not able to talk about
  these projects with colleagues who are not party to the project.
• I use lockable and secure document storage for hard copy documents. The electronic information is
  kept securely on encrypted servers.
• I am always sure to lock my computer when away from my desk and comply with my firms IT security
  policies for example attendance at Cyber security courses and regularly updating my passwords.
• If I am sharing or processing information not available in the public domain from a previous project I
  always obtain the clients written permission to do so.

Question 15

How do companies ensure compliance with the Data Protection
legislation generally?

Answer 15

• They should only retain data they need to perform their day-to-day operations.
• If they are retaining someone’s data they should ensure the person is kept informed and advised on
  why they have it.
• They should hold the data securely.
• They should also keep the information up to date and delete information they no longer need

Question 16

Can you tell me three principles of GDPR?

Answer 16

General Data Protection Regulation (2016)
1. Lawfulness, fairness, transparency
2. Purpose limitation
3. Data minimisation
4. Accuracy
5. Storage limitation
6. Integrity and confidentiality
7. Accountability

Question 17

Can you tell me three principles of the Data Protection Act?

Answer 17

Data Protection Act (2018)
1. Fairness
2. Lawfulness
3. Transparency

Question 18

How do you comply with GDPR and the Data Protection Act 2018 in your role?

Answer 18

• Ensure access to data is only granted to people who require it
• I ensure that all files and folders are labelled correctly
• Data is only stored for as long as necessary – either for the length of time needed for a project or to comply with statutory regulations e.g money laundering
• Secure confidential and sensitive information with password encryption
• Only share data using secure systems

Question 19

Give me an example of how you ensure that data is kept securely

Answer 19

• Ensure access to data is only granted to people who require it
• Secure confidential and sensitive information with password encryption
• Only share data using secure systems
• Separate out data in a logical and secure fashion

Question 20

Can copyright be transferred?

Answer 20

A copyright owner can sell or transfer their rights to someone else. This is known as a copyright assignment.

Question 21

Give me an example of a property information tool.

Answer 21

• Land Registry – used to access a title register which includes:
  o Title number
  o Ownership
  o How much the property was last sold for
  o Whether the property has a mortgage
  o Details of ‘restrictive covenants’ - promises to not do certain things with the land, like not building on a particular area
  o Details of any ‘easements’ - the rights of one piece of land over another, like a right of way

Question 22

What are the limitations of primary/secondary data sources?

Answer 22

Primary Data – data/information gathered first hand for your specific purpose
Secondary Data – data published by a differet researcher or firm

Question 23

How do you validate information?

Answer 23

• Source – is the source credible and reliable
• Time – how recent is the information gathered is it as up to date as possible
• Relevance – is the information gather directly related to your need or purpose
• Sense check – try to verify the information by cross referencing

Question 24

What is the difference between a deed and a registered title?

Answer 24

Title refers to the ownership of a property
Deeds is the legal document that transfers title from one person to another

Question 25

How do you source title information?

Answer 25

Land Registry – used to access a title register

Question 26

What are the differences between manual and electronic records?

Answer 26

A manual record is where records are maintained by hand, without using a computer system.
An electronic record is where records are maintained on automated storage systems rather than physical files

Question 27

What is an index map?

Answer 27

The index map contains information on all land and property that’s registered or being registered with HM Land Registry. Use it to find the title number of a property that does not appear in a search of the register.

Question 28

What does encryption mean?

Answer 28

Encryption the process of converting information or data into a code, especially to prevent unauthorized access

Question 29

What is a firewall?

Answer 29

Firewall is software that blocks unexpected connections coming into or out of a network

Question 30

How can you protect electronic data from viruses?

Answer 30

• Firewall and anti-virus software
• Provide password protection
• Back up your data
• Educate your users on the dangers of viruses

Question 31

Which records are manually kept in your office and why?

Answer 31

Signed contracts – signed in wet ink, original copies may be required for proof of signature

Question 32

Are electronic signatures accepted by the Land Registry?

Answer 32

From July 2020 – the Land Registry will accept witnessed electronic signatures with immediate effect

Question 33

What type of documents can electronic signatures be used for?

Answer 33

o Offer letters.
o Sales contracts.
o Permission slips.
o Rental/lease agreements.
o Liability waivers.
o Financial documents.

Question 34

What is data redundancy?

Answer 34

Data redundancy occurs when the same piece of data exists in multiple places

Question 36

What is Data?

Answer 36

Data is defined as facts or figures, or information that’s stored in or used by a computer.
eg. an email.

Question 37

How can you ensure the security of data?

Answer 37

Password protecting documents.
Reviewing who has access to folders.
When sending emails make sure they are encrypted so they cannot be intercepted.

Question 38

What legislation dictates the storage and sharing of information?

Answer 38

Data Protection act 2018
The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR). Everyone responsible for using personal data has to follow strict rules called ‘data protection principles’. They must make sure the information is: used fairly, lawfully and transparently
.
The UK’s 2018 Data Protection Act is an almost identical copy of GDPR for a reason: when the UK leaves the EU, there won’t be a huge shift in the law.

Question 39

What is GDPR?

Answer 39

General Data Protection Regulation (GDPR) 2018
Companies covered by the GDPR are accountable for their handling of people’s personal information.