DATA

Question 1

What is the Freedom of Information Act

Answer 1

UK law that gives the public a general right of access to recorded information held by public authorities (such as government departments, local councils, schools, and the NHS

Question 2

What is a Subject Data Request?

Answer 2

allows an individual to obtain their personal information held by an organisation upon request.

Question 3

How is your data backed up - is it stored remotely in a cloud

Question 4

What legislation do you adhere to when handling data?

Answer 4

UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Question 5

Give 3 principles of the Data Protection ACT

Answer 5

Lawfulness, fairness, and transparency: Data must be processed legally, in a way that is not detrimental or misleading to the individual, and with clear information provided about its use Information Commissioner’s Office.

Purpose limitation: Data should only be collected for specified, explicit, and legitimate purposes and not used for unrelated or secondary purposes Information Commissioner’s Office.

Data minimisation: Only the minimum amount of personal data necessary for the intended purpose should be collected and processed Information Commissioner’s Office.

Question 6

What are the General Data Protection Regulations?

Answer 6

a comprehensive EU law (now also UK law, as UK GDPR) that protects the personal data and privacy of individuals within the European Union

Question 7

What is copyright?

Answer 7

Copyright is legal right that protects the use of your work once your idea has been physically expressed.

Question 8

What is intellectual property and can it be transferred?

Answer 8

tangible creations of the mind—such as inventions, designs, brand names, and artistic works—protected by law through patents, copyrights, trademarks, and trade secrets.

they can be transferred

Question 9

Tell me about the Retention of Files and Limitation Act 1980

Answer 9

Legislation effectively determining how long businesses should retain files to defend potential claims. Generally, it requires keeping records for six years for contract and tort claims, and 12 years for deed

Question 10

How do you comply with UK GDPR and the Data Protection Act 2018 in your role?

Answer 10

Firewalls, password, encryption, secure devise, back up data, two-step verification.

Question 11

Give me an example of how you process and handle confidential information.

Answer 11

Personal data from public consultations – held in a secure file location.

Technical data – held on a central project data base

Question 12

What are the penalties for breach of GDPR?

Answer 12

Tier 1 – for less severe violations, capped at £8.5m or 2% of the annual turnover, whichever is greater.

Tier 2 – for severe violations, capped at £17.5m or 4% of the annual turnover, whichever is greater.

Question 13

What would you do if there was a data breach in the office? Who would you report it to and how long do you have to report it?

Answer 13

You might not need to report it (if It does not meet the threshold for reporting) but it is a good idea to start a log anyway, to record what happened, who is involved and what you’re doing about it.

Question 14

Can you share information obtained from Land Registry?

Answer 14

Yes, this is a publicly accessible source of data, so others could obtain this as well if they went directly to Land Registry.

Question 15

What data do you need to be aware of?

Answer 15

Personal data – data that relates to an identified or identifiable individuals. Could be as simple as a name, IP address, address, date of birth, etc.
This is applicable to me when collecting responses to public engagement consultation exercises.

Question 16

What is a AVM? Why are they used?

Answer 16

Automates valuation model. It combines mathematical modelling and a database to provide property valuations.

Speed and Efficiency, cost effective and reduce fraud risk

Question 17

What is the purpose of GDPR?

Answer 17

Provide data protection rights to individuals.

Question 18

Who does GDPR apply to?

Answer 18

Data controllers and processors.

Question 19

What data is affected by GDPR?

Answer 19

The GDPR forms part of the data protection regime in the UK, together with the new Data Protection Act 2018 (DPA 2018).
Holding data of UK residents largely unchanged, but dealing with EU is now different.

The GDPR applies to ‘controllers’ and ‘processors’. A controller determines the purposes and means of processing personal data. A processor is responsible for processing personal data on behalf of a controller.

You must identify valid grounds under the GDPR (known as a ‘lawful basis’) for collecting and using personal data limited to what is necessary – you do not hold more than you need for that purpose.

You must not keep personal data for longer than you need it

Question 20

What do you understand to be personal data?

Answer 20

Personal data – data that relates to an identified or identifiable individuals. Could be as simple as a name, IP address, address, date of birth, etc.
This is applicable to me when collecting responses to public engagement consultation exercises.

Question 21

If you inadvertently left your laptop with sensitive clients’ information on a train what steps would you take in house and with your client?

Answer 21

Immediately notify my IT department.
Report to the police.
Notify my client of the incident and what my IT department has done to encrypt the data, etc.

Question 22

Explain the Freedom of Information Act and how that may affect you and any data you hold?

Answer 22

Freedom of Information Act, 2000. The Act gives everyone a legal right to see information held by public bodies (elected members, council employees, any person handling data on behalf of the council including consultants, volunteers, contractors and suppliers).

Council can refuse to provide information if:
* it would cost too much or take too much staff time to deal with the request
* the request is vexatious
* repeat request
* meets an exemption under the Act (e.g. court proceedings, information provided in confidence, health and safety, commercial interests)
* the request for information constitutes personal data about its employees

The Information Commissioner’s Office (ICO) is responsible for regulating and enforcing the Act.

Because the organisation that I work for holds information on behalf of a public body, data I hold could be subject to a Freedom of Information Request.

Question 23

Give me an example of a property information tool.

Answer 23

Land in sight

Question 24

Tell me about how you extract data from a source regularly used in your role

Answer 24

Land in sight - average prices /£sqft

Question 25

What is the difference between a deed and a registered title? How do you source title information?

Answer 25

A deed is a document (like a conveyance or transfer) proving the transfer of property. A registered title is the official digital record of the current owner, charges, and boundaries held in the Land Register.

Question 26

What does encryption mean? What is a firewall?

Answer 26

Encryption is the process of scrambling data into an unreadable format A firewall is a network security system hat monitors and controls incoming and outgoing traffic based on security rules

Question 27

How can you protect electronic data from viruses?

Answer 27

combining specialized software, safe browsing habits, and regular system maintenance

Question 28

Which records are manually kept in your office and why?

Answer 28

Appointment documents, leagal documents such as AHA, S106 to keep a copy

Question 29

Are electronic signatures accepted by the Land Registry

Answer 29

yes since aug 2025

Question 30

What is ISO 9001?

Answer 30

A internationally recognized standard for Quality Management Systems (QMS), setting criteria for consistent, high-quality products and services