This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
Join our Mailing List

JOIN OUR MAILING LIST

The latest news from Devonshires, sent to you direct.

Join our mailing list and find out what we’re up to and what we think about recent events and future possibilities.

SIGN UP
| 2 minute read

How Data Protection legislation can help the Housing Sector: Common issues and practical steps published by the ICO

Housing associations rely on the processing and sharing of personal data, such as contact details and medical records, to provide services and support to their residents. However, it is important to note that anyone who processes personal data has a responsibility to protect it under data protection law. Failure to do so in the housing sector can put your residents at risk, which may have serious consequences for both your residents and your organisation. 

The ICO has issued guidance highlighting common issues relating to data protection in the housing sector, and how these issues can be prevented to help housing associations understand how to ensure the protection of their residents’ data.  

Common data protection issues in the housing sector

Common Issue 1: Inappropriate disclosures of personal data  

Personal data should only be disclosed when it is necessary and appropriate. To determine whether the sharing of data is justified, consider: 

  • What are you intending to achieve by sharing this data? 
  • Have you assessed the potential benefits and risks to individuals and/or society by sharing this data? 
  • Is it fair to share the data in this way? 
  • Is the sharing of data proportionate to the issue you are addressing? 
  •  What is the minimum data you can share to achieve your aim? 
  • Could the objective be reached without sharing any personal data, or by sharing less personal data? 
  • What safeguards can you put in place to minimise the risk of adverse effects of sharing this data?  
  • Is there an applicable lawful basis in the Data Protection Act 2018 (e.g., crime, law and public protection, health, social work and child abuse, etc.) 

Common Issue 2: Perceiving data protection law as a barrier to the necessary sharing of information 

Data protection law provides a framework for making decisions about sharing data appropriately – it is not intended to act as a barrier to sharing information to support residents when this is needed. When deciding whether to share personal information, consider: 

  • What information will you share? 
  • Are you intending to share special category data (e.g., political opinions, religious beliefs, genetic and biometric data)? If so, what safeguards will you have in place? 
  • What is to happen to the data at every stage? 
  • Who in your organisation can access the data? 
  • What technical and organisational measures are appropriate to ensure the security of the data? 

Common Issue 3: Failure to keep accurate records 

Good record management is vital to ensure the avoidance of data protection issues for both your organisation and your residents. 

Practical steps to avoid data protection harms in the housing sector

The ICO has set out some practical steps to assist you with the lawful processing and sharing of residents’ personal information, including: 

  • Prioritise staff training – ensure that all of your staff are adequately trained so they are aware of their organisation’s data protection obligations, and internal processes for handling any queries about personal data. 
  • Practice good records management – Keep an accurate record of any contact with residents to help you address issues and provide an appropriate level of service to those residents requiring additional support. 
  • Be transparent about what you do with your residents’ personal data – you must inform your residents about what information about them is being collected and ensure they understand the purposes for which this information might be used.

For more information or to discuss staff training on data protection legislation, please contact Hetal Ruparelia, Head of our Information Law team.  

To receive updates on topics relevant to you, at a frequency of your choosing, please subscribe to Devonshires Insights: Click here to subscribe

Tags

housing management & property litigation, information law, data protection, housing management & property litigation brief, landlords, property managers, registered providers, housing sector