25th May 2018, the date when GDPR brought about a major shift and clarity on data privacy. GDPR was designed to regulate the use and protection of personal data for all EU citizens by organisations of any size, across every sector (public or private) and every industry. From medical records to financial information, genetic information or just basic personal details, if the data identified an individual in any way, GDPR was designed to safeguard it.
So, what was the result? GDPR has heightened awareness of what constitutes personal data, data privacy issues and the resulting reviewing and adoption of new systems and practices.
In May 2019, the European Commission published information on the compliance with and enforcement of GDPR for the year May 2018 to May 2019. GDPR in numbers 2019 shows, among other things, the number of complaints received by a country’s respective data protection authority (DPA), the number of breaches as well as the fines issued. Interestingly, despite all the hype, just 67% of Europeans have heard of GDPR!
What’s in store for next year?
Following this first year of GDPR the UK’s data protection authority the ICO published an update on GDPR. It confirms that whilst it continues to support, advise and guide organisations in becoming compliant it still remains the responsibility of organisations to get it right.
Organisations and businesses have now had the opportunity to analyse and adapt their systems and implement the new infrastructure. The next year will be about reviewing it further to make sure there are no gaps where personal data is left unprotected.
Indeed, Elizabeth Denham, Information Commissioner, states ‘With the initial hard work of preparing for and implementing the GDPR behind us, there are ongoing challenges of operationalising and normalising the new regime. This is true for businesses and organisations of all sizes.’ She goes on to say ‘The focus for the second year of the GDPR must be beyond baseline compliance - organisations need to shift their focus to accountability with a real evidenced understanding of the risks to individuals in the way they process data and how those risks should be mitigated.’
It also has to be said that the ICO is and has already taken action. Recent headlines confirm that in cases where there has been a significant data breach, the ICO has levied heavy fines. It should also be noted that sanctions don’t come just as financial penalties. They can also include the suspension of data processing.
So how can GDPR compliance for landlords, agents or property managers be taken one step further to meet this focus?
GDPR for Landlords, Letting Agents or Property Managers in 2019
Whether you have a designated Data Protection Officer in place may depend on the size of your business and resources available. Either way, you will have already assessed and adapted your processes and controls but it’s a great time to do another audit of your procedures and practices tightening them up and adjusting them where necessary.
As a general rule the following should be noted:
Do you need help with GDPR compliance?
Whether you’re a landlord, agent, or property developer, modern property managers need to be able to combine easy communication with data storage, legal obligations, asset registers, cloud storage, and flexibility. Konnexsion offers a cloud based solution to maintain GDPR compliance. Here’s how:
For more ideas on how to get organised and remain GDPR compliant try Konnexsion for a no-obligation trial or demo. You will see Konnexsion offers you a powerful management dashboard ensuring professionalism and clear communication whilst complying with your statutory obligations.