As a landlord, you handle a large volume of personal information. Not only do you have to keep existing tenants’ information on hand, but you also have information collected from prospective tenants during the screening process. Sensitive personal information, like social security and driver’s license numbers, are essential for a thorough background check on possible renters.
However, because of the abundance of personal information they’re responsible for, more and more property managers are becoming targets of identity theft.
If personal information that you’re responsible for is obtained and used, you could be liable for the damages. Unfortunately, when property managers are targeted, identity thieves usually take more than just one individual’s information, resulting in costly litigation fees. To protect yourself, it’s important to take the appropriate measures to safeguard any personal information given to you by prospective, current, and past tenants.
Individuals are becoming increasingly more concerned about how their personal information is handled. The information a potential tenant discloses to you during the leasing process is essentially everything a criminal would need to successfully steal their identity. For you, their personal information is necessary to ensure that you’re getting a good tenant, but they may still have fears that you need to address. Talking with prospective tenants about the safeguards you have in place can help them feel more comfortable releasing their personal information during the leasing process.
Identity thieves use a number of approaches to try and obtain personal information. To prevent unauthorized access, you must institute safety measures that strictly manage how personal information is handled.
Here are some considerations for securing tenant information.
Personal information should be released only to those persons or organizations specifically authorized by the individual. Never release personal information over the phone, through the mail, or electronically unless the receiver’s identity has been confirmed as legitimate.
Keep electronic attackers from successfully accessing your network by password protecting files and keeping your virus protection and firewall up to date. Also, avoid storing tenants’ personal information on laptops that are frequently used outside the home or office and could be easily stolen. If you need to access this information on the go, consider remote network access that’ll allow you to get the information you need from a central secure location.
Keep the amount of documents that include social security numbers to a minimum. Unless listing the number is absolutely essential, don’t include it.
Trash is a common target of identity thieves. To stop information from being picked out of the garbage, use a shredder when discarding any paperwork that contains personal information.
It’s important to make wise hiring decisions to prevent employee theft or leaks. Only those employees who require it to carry out their daily duties should have access to tenants’ personal information. Employees shouldn’t have access to all records, but instead, only to those that apply to their work. If an employee is terminated for any reason, make sure that access to any tenant information is immediately restricted.
When communicating with tenants by mail or electronically, always try to include as little sensitive information as possible. If it cannot be avoided, always do your best to ensure that it reaches the tenant in a secure fashion. Put outgoing mail directly into secure collection boxes, and only use electronic forms of communication if there are security measures in place to prevent public access.
Instituting a plan that regulates how your organization deals with tenant information will help keep your tenants safe while protecting your company from liability.
Source
https://www.dataprotection.ie/en/dpc-guidance/requesting-personal-data-prospective-tenants