Latest News

Speakers confirmed for largest-ever NAEA Propertymark Conference

20 September 2019

The 2020 NAEA Propertymark Conference will be held on Thursday 27 February 2020 in London. The conference is set to be the biggest yet and features a line-up of speakers with both inspirational and practical advice. Read More...

First time buyers hold many misconceptions

19 September 2019

A new study from Santander Mortgages has revealed striking misconceptions and knowledge gaps among aspiring first-time buyers as they prepare to make their most major purchase. Read More...

HMRC highlights money-laundering breaches and penalties

18 September 2019

HMRC’s list of business penalised for breaches of money laundering regulations has been updated. The businesses, which include financial services companies and estate agents, are listed on the gov.uk website detailing breaches that occurred in the 2019-2020 tax year. Read More...

 

Are you GDPR ready?

Friday 15 December 2017

Do you know how soon after a data breach you should report loss of data? What about the maximum penalty for non-compliance? With GDPR just five months away, it's time for agents to take action.

On 25 May 2018 General Data Protection Regulation (GDPR) will replace the existing Data Protection Act 1998, so if you haven't already started putting a plan into place, now is the time.

The new directive overhauls the way that data can be handled – handing power back to the user. But whilst the regulation is complex and requires a deep level of understanding, ignoring GDPR is not an option.

Act now!

When it comes to data protection, there are three basic rules that you should ensure are embedded in your organisation; know what data you collect from people; make sure you can justify why you collect it; and certify you have obtained the data and store it lawfully.

Due to a delay in solid guidance, in practical terms here are some of the things that you might wish to consider doing now to get ready:

  • Appoint a data protection officer - if you have over 250 employees, then this will be a legal requirement; if your agency is not that big, it is still a good idea to assign someone look after GDPR compliance.
  • Read the guidance and Myth Buster blogs from the Information Commissioner's Office (ICO) – the ICO is the ultimate authoritative source of GDPR information.
  • Document your processes involving personal data – to stand any hope of being compliant, you have to first work out what you are currently doing with personal data; only then can you adjust processes to become compliant.
  • Work out who you exchange data with – any third party who passes personal data to you, or who you pass personal data to, will need to work with you to ensure you are both compliant in exchanging personal data.
  • Review your existing Privacy Policy in conjunction with the above two points – the likelihood is that you are already processing personal data in ways which you have not explained at the point you were given the data.
  • Prepare your business – you will almost certainly have to change processes and procedures and this will involve training and support to ensure your team know what to do.

Save the date!

NAEA Propertymark will be holding a one-off course on 25 January, dedicated entirely to GDPR. Whatever stage of implementation you are at, our data protection expert will help get you up to speed on everything you need to know. We will update you with more details nearer the time, so watch this space!

In the meantime, the ICO has created a self-assessment toolkit to help you evaluate your level of compliance with the new regulations, and find out which areas within your business you need to develop to get ready for GDPR.