complyThing in HousingJulie WhitingJuly 20th 2018
The housing sector like all others has recently had to become and remain compliant with the GDPR. cloudThing's data management tool can help ease some of the resource headaches (like universal credit and tenants' personal data) that may be arising from ongoing compliance with the GDPR.
Like every other industry, Housing should already be aware of and compliant with the GDPR requirements. For housing associations to provide services to tenants, a great deal of personal data must be collected from tenants and it is this that needs to be reviewed and given consent from the associated individuals to store/use their data. I'm sure that most organisations have already got something in action to meet the requirements of the GDPR and are sick of all the scaremongering coming from suppliers. In our own journey to be come compliant, we found that ensuring we could manage the ongoing requirements of the regulation and remaining compliant in a way that is repeatable, scalable and cost effective was also a challenge. This blog should still be of interest to those with and without GDPR compliance as we discuss the benefits of striding to remain compliant, so don't stop reading!
To become compliant and ensure we could maintain our standards across multiple locations, staff and services, we needed to find a tool which was easy to use, comprehensive and modular to cover different requirements and standards such as ISO. Let's get to the point, we did not find one that suited us and therefore, we had to build our own. Housing organisations hold much information ranging from personal data on tenants,to information on universal credit (if that applies to the individual). For those who aren't yet compliant, don't panic, our modular tool, complyThing, can help you on your journey to compliance. For those who have become compliant with the GDPR, my question is this: how are you going to continue to remain compliant to avoid any major fines? Allow me to introduce you to complyThing, cloudThing's data governance, risk and compliance tool which can help housing organisations become and remain compliant. This tool is best examined when applied to real world problems with maintaining compliance in Housing , rather than tell you about the tool, let’s examine how it can assist the common headaches facing Data Protection Officers in Housing Associations today.
A good place to start would be universal credit, a benefit that was 'designed by the Government to support people who have little to no income with their basic living expenses and housing costs'. So, what are the flaws of this benefit and why is it of concern to us?You've probably guessed it, payments and personal records are stored in more than one place and again, this retention of information needs consent from the individual involved. As many know, the minimum waiting time for the first payment is 42 days and it can lead up to 60 days. For many this can result in rent arrears which could cause more than one problem: some examples are no money for food, mental health damage, and eviction which in turn create more problems for the Government and Housing. If you aren't up-to-date with who owes what and when for their rent, this could also affect your organisation's house building plans. This is where complyThing can help you organise your data so that you know who owes what and when, as well as which departments, third parties and individuals have access to this data and where it is stored. As the saying goes, your account management system is only as good as the data in it. complyThing can assist with ensuring that your data is up-to-date and not duplicated to different versions across your customer service and finance departments. Using this data with consent and for different purposes can enable you to keep tabs on when universal credit is due to be received by the individual, and who will need to be chased up for payment.
Naturally there are a high number of tenants and all their data needs to be up-to-date and stored safely. If the tenant moves location, this information needs to be updated, but what to do with the old information? Is it backlogged and kept for other uses other than the intended? If so, this is not compliant with the GDPR. The individual must give consent to all uses and storage of data, if your permission statements are not articulate in what the user consented to, you may need to reissue your terms to ensure compliance. complyThing can help ensure that standards of consent are consistent across your data sets with automated reporting on consent on an individual record, as well as on the data set. This helps ensure that you can share this data across the organisation to ensure those that need to contact individuals, can lawfully do so.
There is always going to be a drive for improvements and to save costs within housing. IT Directors are put under increasing pressure to act as a champion of innovation and technology within the organisation to take on new‘digital first’ approaches. By ensuring that the IT Infrastructure is built upon a foundation of compliant, process-driven and portable data means that there are no surprises or slowdown in new solutions being made available while the organisation waits for consent from customers to avoid large fines. We know that the penalties may not be as massive as threatened, but no IT Director wants to sacrifice security for innovation when engaging a third party or building a new solution knowing the cost could potentially be millions of pounds worth of fines. With complyThing, Housing Associations know what data they hold, what it can be used for and who can access it. This gives Senior Management more confidence when investing in innovative new technologies as it will be secure, compliant and they will gain value from existing data.
Becoming GDPR compliant is an action that needs careful and dedicated attention. However, remaining compliant is a whole new challenge. If you asked yourself how you would monitor and keep yourself compliant, would you be able to answer? How would you do it? Here at cloudThing, we have not only created and built complyThing, but we use and trust it in our own company, as do many of our early adoption customers. We can help your data stay organised so that it will be simple and quick to act on a customer's request for all the personal data you hold on them. If you are in the situation where you must provide lawful justification for holding data on a tenant, your contact team will be able to use the tool to respond within a matter of minutes. This means less time spent staring at a screen/looking through files, less headaches and more time to focus on your work - sign me up!
If this blog has inspired you to find out more about complyThing and how it can be tailored to your organisation to help you remain compliant with the GDPR, then don't hesitate to give us a call on 0121 393 4700 we would love to speak with you!