Six tips on using data to prevent and detect social housing fraud
How can housing organisations use data to prevent and detect social housing fraud while making sure they abide by the laws of the Data Protection Act? CIH specialist adviser Fleur Priest-Stephens shares some top tips.
Over the last four years the making best use of stock team has visited hundreds of housing providers to collect and share good practice in tackling tenancy fraud.
Data sharing remains a hot topic of conversation, so I’ve compiled six top tips for how to use data to prevent and detect social housing fraud:
- Know your data. You need to have a good understanding of the type of data your organisation holds, and what you want to share. For example, does the data relate to a living individual? Can they be identified from it? If the answer is yes, this data is known as ‘personal data’ and there are laws around how you can use it, all covered by the Data Protection Act 1998 (DPA).
- Know what data other organisations have. Think about what data you need for your investigations and where you could get it from. This might include homelessness applications, benefit claims, right to buy applications, or even usage and billing information from utility companies.
- Get to grips with the gateways. The DPA has a number of legal ‘gateways’ which means it is possible to share data without breaching the Act. Identifying the most appropriate gateway to use will depend on the circumstances of your investigation. The CIH has produced guidance which might help, or alternatively consult the Information Commissioner’s Office or your local authority fraud department.
- Make sure that you only ask for and share data which is relevant, and that any disclosure of data is proportionate. For example, do you need to see someone’s full payment history, or do you just need the address where they are registered with the company? Be clear that sharing data is justified, and meets your objectives.
- Set out a clear framework and stick to it. Set up a data sharing agreement with bodies that you want to share your data with, which lays out the rules and guidelines for how the data will be shared. Remember that every party in a data sharing agreement is responsible for collecting, sharing and storing the data in line with the DPA.
- Tell people what data you collect, why, and who you are going to share it with. A Privacy Notice (also known as a fair processing notice) is a statement that explains all of these things; it usually has a wide scope, and for a housing provider will apply to the use of all personal data within an organisation. Your privacy notice must be available for customers, and it’s sensible to put it on your website.
Data sharing is a useful tool to tackle housing fraud, however it is essential that you treat your customers’ data in line with all the relevant legislation, including the DPA. The Information Commissioner’s Office has issued a number of checklists to help providers stay within the law, and they are all available on its website.