Data managment Flashcards
What is GDPR and what are its principles?
EU legislation to strengthen individual rights over their personal data.
Applies to all personal data, seven key principles
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Accuracy
- Storage limitation
- Integrity and confidentiality
- accountability
- not to be transfer to countries with different protection
What must companies put in place to ensure compliance with GDPR?
-data protection policy
-staff training
-lawful basis for processing
-privacy notice
-security measures
-data protection officer
Why is it important to limit access to personal data?
-protect individuals data
-reduce risk of breach
-data minimisation
-demonstrate accountability
How is information stored securely in your firm?
- cloud based system
- password protected folders and limited access
-firewall
-eg mindcast softwear
-quarentine page
What are the personal rights in regards to data?
-access
-request correction
-request erasure
-restrict processing
-object to process
-data portability
How do you verify your data source eg for comparable valuation?
-check with agents
Who are the key persons involved in GDPR?
-controller
-processor
-data subject
Who is the data controller in your firm?
Director
What must you do if there is a data breach?
Inform ICO within 72 hours, when data lost and risk involved
What are the penalties for a data breach?
4% of global annual turnover or 20m euros
What is the Data protection act 2018?
The data protection act sets out how personal data should be processed and protects individual privacy rights
What does article 5 of GDPR 18 - key principles?
- lawfully, fairly and transparently (LAS)
- purpose of limitation
- data minimisation
- Accuracy
- storage limitations
6.securely
7.accountability
What are individuals rights under GDPR18?
- Access
- restrict Processing
- data Portability
- Erasure
- relation to Automated decision making and profiling
- Rectification
- be Informed
- Object
What is a subject data request?
individuals right to access personal data that an organisation holds about them
What would you do if a date breach occurred?
Data breaches must be reported to the Information Commissioner’s Office (ICOs) within 72 hours of discovery. The ICO is the UK’s independent body responsible for enforcing information rights. The ICO has the power to issue fines for non-compliance which can reach up to £17.5 million or 4% of global annual turnover
what is the freedom of information act 2000?
-An individual has a right to access information held by a public body. Aim is to improve transparency and accountability
-When requested the body aims to release the information within 20 days and can charge a fee for disclosure
What legislation do you adhere to when handling data?
Data protection act 2018 (UK) and general data protection 2018 (EU)
What is copy right?
-set of exclusive rights granted to the author or creator of original work, including the right to copy
-rights can be licensed, assigned or transferred
-form of intellectual property
-must acknowledge copyright for info duplicated in work
What is intellectual property and can it be transferred?
Intellectual Property (IP) refers to creations of the mind that are legally protected, allowing individuals or businesses to control how their ideas, inventions, or creative works are used. It gives the owner exclusive rights over their work. E.g. patents, or trademarks
Tell me about the Retention of Files and Limitation Act 1980?
Sets out the time limits within which legal actions can be taken. Keep documents for 6 years, however some are more eg deed 12 years, then correctly disposed.
What are the General Data Protection Regulations?
EU legislation to strengthen individual rights over their personal data. Applies to all personal data, seven key principles
What are the disadvantages of using systems like CoStar, Rightmove etc?
-not always accurate
-need to verify it directly with the agent which can sometimes be challenging
What is your company’s Asset Management Plan?
Documentation which collected all property and tenancy information onto one document
reviewed yearly and shows growth or decline over 5 year period
How do you ensure this data is accurate?
carefully collected, and checked by a colleague
