Data Management

Question 1

What legislation can you name that applies to data protection in the UK?

Answer 1

• The data protection act 2018.
• UK General Data Protection Regulation (GDPR).

Question 2

What does data protection mean and what does involve?

Answer 2

• Data protection means using and storing information about people fairly and responsibly.
• It involves being open and accountable, and recognising and complying with individuals’ rights over how their personal details are used, accessed and shared.

Question 3

What is personal data?

Answer 3

• ## Personal data is information about a specific living person, such as name, address or date of birth

Question 4

Why do we have laws to protect our data?

Answer 4

Data protection laws aim to ensure all our personal data is kept securely, and used fairly, openly and legally.

Question 5

Under data protection, what rights are reserved to individual?

Answer 5

• right to be informed (know how data is collected and used)
• right to access (request access to data held about them)
• right to have data erased
• right to have data rectified, if is inaccurate
• right to restrict processing of their data in specific circumstances
• right to data portability (so they can reuse data across different services or for their own purposes)
• right to object decisions results if data is being processed through only automated systems which affect legal rights or financial circumstances (i.e. mortgage application)

Question 6

What is UK GDPR? and what’s its purpose?

Answer 6

It’s the UK data protection framework which is based on Data Protection Act 2018 and UK GDPR; It’s a privacy and security law designed to protect personal data and how is this used by organisations, businesses and government

Question 7

Is UK GDPR same as EU GDPR? When does the EU GDPR applies?

Answer 7

UK GDPR follows the same principles, rights and obligations as EU GDPR; The EU GDPR applies if UK organisations offer goods or services to individuals in the European Economic Area (EEA)

Question 8

What are the Data Protection principles?

Answer 8

• Limited purposes: personal data can only be collected for specified and legitimate purposes. If original purpose changes a new consent is required;
• Data minimisation: personal data shall be adequate and limited to its purposes; no additional info should be collected/stored if not needed
• Accuracy: data must be accurate and kept up to date
• Storage limitation: data must be kept only for the required time and not hold for longer than necessary
• Securely processed: data must be kept safely and be protected by unauthorised access and accidental losses
• Accountability: the controller and processor are responsible for adopting adequate and secure system for using personal data
• Lawfulness, transparency: data shall be processed lawfully, fairly and in user friendly manner, that allows comprehensive understanding from the individual

Question 9

What is required under article 5(2) of GDPR?

Answer 9

The controller shall be responsible for, and be able to demonstrate compliance with the principles

Question 10

Under the Data Protection Act, what are the key requirements for businesses handling data?

Answer 10

• Have policies and procedure for data protection in place
• Keeping data security measures up to date
• Carry out data protection impact assessment, to test and check the measures are effective, and improve them where necessary
• Train staff
• Employ an independent Data Protection Officer (DPO) to monitor internal compliance (compulsory for public organisation)

Question 11

What are the consequences of non-compliance with data protection?

Answer 11

• Compensation claims (i.e. compensate for the loss of money or distress caused)
• Negative publicity
• Financial penalties

Question 12

What are the financial penalties for data breach and how are they assessed?

Answer 12

Penalties for data breaches are assessed on a case-by-case basis (two tiers):

• low-level offences (i.e. failing to report a breach)
• high-level offences (i.e. infringing individual rights and potential maximum fines are the greater of 20 ml euros or 4% of annual global turnover)

Question 13

What are the key roles in the data management context?

Answer 13

• Data subject: living person whose personal data is processed
• Data controller: an organisation or individual that decides why and how to process personal data
• Data processor: An organisation or individual that process the data on behalf of the controller

**(If you are an employee and your organisation is the data controller, you might process data to fulfil your organisation’s role as a controller. This does not make you a data processor as defined in the legislation)

Question 14

What is a data controller?

Answer 14

A data controller decides how and why personal data is processed and is directly responsible for GDPR

Question 15

What is a data processor?

Answer 15

An organisation or individual that only processes personal data on behalf of the data controller, and in line with their instructions.

Question 16

Can you give me some example of the data you manage ?

Answer 16

• Client details
• Values
• Plan info
• Project details
• Build costs (BCIS)
• Planning info
• EPC rating

Question 17

How do you ensure the data that you hold on your clients is kept secure and confidential?

Answer 17

• Limit access to sensitive data use smart passwords and update the regularly
• Use Firewalls and antivirus protection dedicated server
• stay on top of security updates.

Question 18

What does the RICS say about confidentiality?

Answer 18

The RICS bye-laws say that client’s confidentiality must be maintained for all client’s affairs. This includes all historic information and info provide before an instruction.

Question 19

Can information regarding client’s be accessed by a third party?

Answer 19

No, unless it’s been approved by the client

Question 20

Which instances would you be able to disclose client’s information without their explicit consent?

Answer 20

Only when there is a statutory right overriding the client’s confidentiality, such as a request from the police or HMRC

Question 21

If you receive an email sent by error from a competitor, containing confidential info, what would you do?

Answer 21

Firstly, the info contained in the email cannot be used for my own purpose, and I must advise the sender of this leakage and dispose of the email securely

Question 22

What BCIS stand for? and what includes?

Answer 22

The Building Cost information Service provides cost and price data for the UK construction industry. It is a part of the Royal Institution of Chartered Surveyors.
Offers numerous product datasets such as
- Build Costs rates based on the location
- BCIS Schedule of Rates
- BCIS Dilapidations Estimating Price Set

Question 23

How have you changed the way you managed data during COVID 19 and home working ?

Answer 23

• Only use company owned work equipment and ensure that storage of hard copies of files is limited to the office.
• Regular updates for passwords etc.
• Log into secure intranet - no files downloaded locally.

Question 24

What are the PII requirement for company data?

Answer 24

It is a requirement of our PII insurance that all contracts under deed are kept for a minimum of 12 years and to hand for 6 years. I am aware of the limitation act to claims which can be brought about up to 15 years after the act of negligence.

Question 25

What is BRE?

Answer 25

BRE is an independent and impartial, research-based advisory, testing and training organisation, offering expertise in every aspect of the built environment and associated industries. Undertakes and publishes research to allow tackling of the current and future challenges of the built environment.

Question 26

What should you do if there is a data breach?

Answer 26

Inform the Information Commissioner’s Office not later than 72 hours after becoming aware of it.

Question 27

Where does BCIS collect its’ data from?

Answer 27

from a variety of sources including construction professionals' surveys, accepted contracts and tenders and government agencies

Question 28

What is Tender Price Index?

Answer 28

Measures the trend of contractors’ pricing levels in accepted tenders. BCIS offer this as a service.

Question 29

What is a Firewall?

Answer 29

It's a security tool for any organisation that want to protect its computer networks and data from unauthorized access or malicious attacks (viruses)

Question 30

What information is included in Company House?

Answer 30

- Company name, number and registered office address - Directors names and addresses - Shareholder names and addresses - Accounts and annual returns filed by the company - Memo and articles of association - any charges or mortgages over the comapny assets - details of any insolvency proceedings or liquidation - statutory filings made by the company

Question 31

What information type of land interest can be found on Land Registry?

Answer 31

- Freeholds - Leasehold over 7 years - Easements - Restrictive covenants

Question 32

Name some of the information that can be found on the Land Registry?

Answer 32

- Title register: document including property address, the registered owner, and any rights or restrictions that affect the property - Title plans: document showing the location, and boundaries of the property on a map - Charges register: this section is included in the title register and lists any mortgages, liens and other charges that have been registered against the property - Conveyancing deeds: legal docs that tarnsfer ownership of the property from one party to another. The LR may hold copies if they have been registered with the agency - Leases that are granted for a term of more than seven years - Price paid data: sale price, date of sale and property address - Property boundaries: may include info on shared boundaries

Question 33

What is a title plan / register?

Answer 33

The Land Registry Title Register and Title Plan are the officially registered documents that together provide proof of ownership and details of the terms upon which a property is owned.

Question 34

What is included in a Title Register? and what it's include under each section?

Answer 34

Title number A = Property Register - description of the land included within the title and rights granted to the property B = Proprietorship Register - Class of title (Title Absolute), name of the owner, its registered address and price paid C = Charges Register (mortgages, rights of way or covenants)

Question 35

What are restricted covenants and what effect do they have on a land? and how can they be distinguished from a positive covenant?

Answer 35

Are attached to the land and restrict / prohibit certain things. i.e. could restrict development or use but are identifiable as they do not consist in a financial liabilities. They are retained even when sold and passed on.

Question 36

What is a right of way?

Answer 36

It’s an easement = a right to use part of another person’s property in a particular way even though they don’t own it.

Question 37

What’s included in a Title Plan?

Answer 37

title number OS map reference red line boundary scale north point administrative borough easements and rights of way Date and time the copy was taken

Question 38

What scale is used for a Land Registry Title Plan?

Answer 38

1:1250

Question 39

What are some of the different colours on a Title Plan?

Answer 39

Green = removed Brown = right of way Pink = restricted covenant

Question 40

What is the Land Registry?

Answer 40

Governmental department which records the ownership of land and property in England and Wales.

Question 41

What would you consider when advising on storage systems?

Answer 41

I would consider a few factors: - Scalability - how much data is going to be stored - Security - what type of data is stored and therefore the adequate type of security in place - Accessibility - Who are the authorized people who needs to access it and how do we make this practical for them at the same time as secure - Reliability - the storage should be reliable and have back up systems in place Cost-effectiveness:

Question 42

What would you consider when advising on business filing solutions?

Answer 42

I would consider a few factors: - Scalability - how much data is going to be stored - Security - the system should have appropriate security measures in place to protect sensitive and confidential information - Accessibility - From where can this be accessed (internet, network)? Who are the authorized people who needs to access it and how do we make this practical for them at the same time as secure - Ease of use: user-friendly and intuitive - Organisation: the file should be organised in a logical and consistent manner

Question 43

Name some business filing systems DMS?

Answer 43

(DMS) Digital document management system: - Google Drive - Dropbox - Microsoft Share point

Question 44

What is a cloud-based storage solution?

Answer 44

It's a storage system

Question 45

What is a data room?

Answer 45

It's a secure online space where confidential documents and info related to a property can be shared between parties/potential buyers; This space can enable collaborative activities from various stake holders and allow access from remote locations; It's a more safe, cost practical way for sharing numerous documentation;

Question 46

What is the difference between a data room and cloud-based storage system?

Answer 46

They both used for storing data, but data room typically has more advanced security features than a standard cloud-based storage system. For example, a data room has access control that allow administrator to restrict specific documents or section of the data room to authorized only. And a data rooms may also have audit trails and watermarks to track who has accessed specific documents and when.

Question 47

What type of storage system exist?

Answer 47

- Hard disk - attached to a computer - Network storage system - storage system that is connected to a network and which various computers can have access to - Cloud storage systems - storage system that uses remote servers hosted by a third-party provider accessible via internet (Amazon Web Servce, Google Cloud) - Physical Storage system - data organised into objects that can be accessed using a unique identifier

Question 48

What is a computerised central project system?

Answer 48

A CCP system is a software platform that is used to manage and track the progress of projects. It's a tool used mainly by project managers and engineers for construction projects. Helps improve project efficiency, reduce costs and minimize errors

Question 49

What are the main of published source of data relevant to property?

Answer 49

- Land Registry - Zoopla - Rightmove - Office National Statics - MSCI index (on subscription) - BCIS (on subscription) - HMRC - Company House

Question 50

Under GDPR, would you be able to transfer personal data? what would consider if the data is going to be handled outside the UK?

Answer 50

Assuming consent from the Data Subject os given, however, GDPR restricts transfers of personal data outside the European Economic Area unless the rights and systems provide sufficient level of security.

Question 51

What is Freedom of Information Act 2000?

Answer 51

- Give individuals the right of access to information held by public bodies

Question 52

What does the Freedom of Info Act require of public bodies? and what is the timeframe for releasing the info?

Answer 52

- Public body must tell any individual requesting sight of info whether it holds it - Info is normally required to be supplied within 20 working days from the request - It can charge for the provision of the Information

Question 53

What are the exemptions from the FoI Act 2000?

Answer 53

-Contrary to the GDPR requirements - It would prejudice a criminal matter under investigation - It would prejudice a person/organisation commercial interest

Question 54

What is the term used when verifying the reliability of data source?

Answer 54

Triangulation

Question 55

What are the main system of security for storing data?

Answer 55

- Disk encryption - Regular backups off site - Password protection updates - Use of Anti-virus software protection - Firewall and disaster recovery - Confidential Waste Bin

Question 56

What is a copyright?

Answer 56

It's a form of intellectual property; It's a legal right that protects the original works or authors from being used, copied or distributed without permission. For example, photos, software, maps.

Question 57

What example of Copy right exist in the context of Real Estate?

Answer 57

Crown Copy Right; This refers to all material created and prepared by the Government such as laws, public records and OS mapping.

Question 58

Can you use material that have a copyright?

Answer 58

Yes, if I obtained permission from the author or a licence to use the software; Any material used in my work needs to be acknowledged

Question 59

What other laws in addition to laws exist that protect companies' information?

Answer 59

- Companies Act 2006 - Consumer Protection Act 1987 - Intellectual Property Laws

Question 60

What is an NDA?

Answer 60

Non Disclosure Agreement; It's a legal contract between two or ore parties that outlines confidential information that is to be kept secrete and not shared with others;

Question 61

What is the new proposed RICS data protection document called?

Answer 61

Professional Statement on Data Handling and Prevention of Crime.

Question 62

Talk me through the Bus Shelter project?

Answer 62

- S: Gather the ownership details of the shelter land plots included in the scheme - T: Due diligence; access LR, Essex Highway map and other sources to gather info; - A: carry out the due diligence and arrange this info into a filing system sorted by District - R: All the info was then stored in a user-friendly and intuitive filing system, saved within Virtual Protection Network; and a summary sheet was then provide results and purchase recommendations

Question 63

What was your reasoned advice regarding the Bus Shelter project?

Answer 63

- Given the large volume and type of data requested, - I advised to arrange a digital filing system based on a geographical structure of folders and sub-folders - This would provide an organised, user friendly and protected system to enable the client to access the information sheet;

Question 64

What was your reasoned advice regarding the Bridge Structure?

Answer 64

In order to more facilitate the management and procurement of maintenance contracts, some of which relied on third-party land access, I advised to create a central project system tracker that would summarise key information, such as works required, timeline and land status.

Question 65

What was the purpose of creating such system for the Bridge Structure project?

Answer 65

Create a system that contained all inform within one place and give an overview of risks for each scheme based on accessibility and land permission required;

Question 66

What was the benefits of creating such system for the Bridge Structure project?

Answer 66

To provide an user friendly system for the project managers to navigate, and enable them to make more informed decision on which scheme to priorities and which ones to put on hold Also create a secure system, as it contained all the necessary data within one place.

Question 67

What is GOAD?

Answer 67

Goad Plan Data is a dataset that covers retail areas within urban areas and includes info such as retail occupancy, category, floor space, fascia name and a wealth of other detail.

Question 68

What is the difference between primary and secondary source of information?

Answer 68

Primary source of data refer to information obtained directly from the property being valued or from the parties involved in the transaction, while secondary source of info refer to data obtained from external resources; Primary: info from tenancy document or seller or buyer interview Secondary: property transaction database, market reports

Question 69

What are the weakness of primary and secondary source of info?

Answer 69

- Primary data may have inaccuracies due to human error - Secondary data may be outdated

Question 70

What is CoStar and what info can be extracted?

Answer 70

CoStar is database that provides a range of data on properties, transactions, leases and tenants. Fro this software you can extract: - Property info, such as size, construction type and amenities - Transaction data: info on sale prices, dates and buyer and seller info - Lease data: lease transactions and info on lease terms and tenant - Market reports: property trends, vacancy rates and absorption rates

Question 71

What are the pros and cons of CoStar?

Answer 71

Pros: - Comprehensive coverage across the UK - Regularly updated with info on new transactions - Quality and robust control process Cons: - High costs and less accessible for small firms - Limited data on small properties and off-market transactions - Potential inaccuracies on property classification and other info

Question 72

What sort of characteristics would this system need to have?

Answer 72

This would need to be: - intuitive and user friendly, to enable project managers easily identify each project current situation - be secure as this contained confidential information regarding landowners - Colour based system to understand the risk involved with the land agreement

Question 73

What is your reasoned advice with the Bus Shelter portfolio?

Answer 73

Due to the type of information required, I advised to create an information sheet for each bus site and

Question 74

What is BCIS and what info can you find on it?

Answer 74

Stand for Build Costs Information Services and provides costs, price data of the construction industry It can include: - Build costs indexes and inflation rates - Average costs psm or per unit for different type of properties and locations - Trends and forecast - Data on construction material, labor rates - Cost breakdown for different types of building projects, such a new build, refurb and extension

Question 75

Where does BCIS collects build costs from?

Answer 75

- Tender prices submitted from contractors - Projects previously completed - Cost data provided by suppliers - Surveys undertaken by professionals (QS, architects) - Government statistics (Office National Statistics)

Question 76

What is the downside with using BCIS costs?

Answer 76

- There may be significant differences in design and specification between the subject development and the average cost provided by BCIS - Time lag factor in collecting data, therefore the costs adopted may not be up to date with current conditions - Limited scope: BCIS costs may not cover all the type of aspects that my subject require

Question 77

What information gives you a Credit score in D&B?

Answer 77

Company's reliability and financial stability

Question 78

What is cyber security?

Answer 78

It's the term to describe the technologies and practices designed to protect devices, networks from attacks, damage or unauthorized access

Question 79

What is a cyber attcks?

Answer 79

Occurs someone illegally access devices and networks for damage or steal info

Question 80

Why is cybercrime important now?

Answer 80

Because cybercrimes have become very common and ave become one of the most common criminal offence. Most organisation have now been subject to it. As technology evolves even hacking are getting more sophisticated so there is a need to secure information to avoid breaches and protect everyone

Question 81

What type of cybercrimes are you aware of?

Answer 81

- Hacking - Malware/viruses - Phising emails - Breach of copyright

Question 82

How do you mitigate the risk of cyber attcks?

Answer 82

- Keep operating systems and antiviruses always up to date - not open attachments before verifying and from unfamiliar sources - Have firewalls - Be suspicious of techniques that create a sense of urgency - Use secure websites