Data Management

Question 1

What is UK GDPR covered by?

Answer 1

Data Protection Act 2018

Question 2

What does GDPR stand for?

Answer 2

General Data Protection Regulation

Question 3

What are the indivdiual rights under UK GDPR?

Answer 3

Right to access
Right to be informed
Right to object
Right to use for their own purposes
Right to erasure
Right to rectification

Question 4

What are the principals of UK GDPR?

Answer 4

1. Data is processed lawfully, fairly and transparently
2. Data must be collected for a specific reason
3. Data must be accurate and kept up to date
4. Should only be kept for as long as is neccessary

Question 5

What is a non-disclosure agreement?

Answer 5

A contract that ensures confidential information isn’t disclosed to any third parties

Question 6

Who issues NDAs?

Answer 6

In my last company, I had a legal team who issued them

Question 7

Are they legally binding?

Answer 7

yes

Question 8

Can anything in them be legally binidng? If so, what?

Question 9

What security technologies are you familiar with?

Answer 9

Password protection
Cloud storage (save data and files on a remote, secure servers. Accessed via the internet/wifi connection. Access anywhere)
Encryption (processing info into coded format so it is unreadable)

Question 10

What would you do if you became aware of a data breach?

Answer 10

Must be reported to Information Commissioner’s Office within 72 hours of becoming aware of them if there is risk of harm to people or loss of personal data

Question 11

What are the penalties for breaching data under GDPR/DPA18?

Answer 11

£17.5 million of 4% of annual global turnover (whichever is highest)

Question 12

What is the Freedom of Informtion Act 2000?

Answer 12

1) Gives people the right to access data held by public bodies
2) Must be issued within 20 working days

Question 13

What is personal data?

Answer 13

Data that can expose the identity of an individual

Question 14

How can security of data be improved/how do you ensure data is stored safely?

Answer 14

Firewalls, encryption, passwords, cloud storage

Question 15

What is the Data Protection Act 2018?

Answer 15

UK’s implementation of GDPR

Governs how personal data is used by companies and the government

Question 16

When can data be shared under UK GDPR guidelines?

Answer 16

Only share if I have consent or if there is a lawful reason

Ensure secure transfering with password protection

Question 17

How did you cross-reference your data?

Answer 17

Triangulation (reduced errors, ensures consistency and accuracy)
E.g. I check data on relevant websites

Question 18

What type of data do you handle on a day-to-day basis?

Answer 18

Comparables
P&L accounts
Inspection notes
Client correspondence

Question 19

How is data backed up at your company?

Answer 19

Automatically backed up to the cloud

Protected through encryption, firewalls, passwords, disaster-recovery

Question 20

Why is data important to your role and your firm?

Answer 20

Ensure it is accurate and up to date
Ensure we are compliant with current guidelines
Ensure we are keeping it safe for our clients - we do not want them to lose our trust
I base my valuations off a lot of it

Question 21

In your example, you have used data. How do you save it?

Answer 21

I save it to file-naming system ensuring saved correctly, it’s accurate/updated and its password protected.

Question 22

What would you do if you left your laptop somewhere with client sensitive data?

Answer 22

Report to the police
Inform my line manager and IT department
Report to ICO

Question 23

How do you ensure data is transferred safely when your clients send it to you?

Answer 23

I use ‘WeTransfer’ which provides a link which expires within a few hours