We’ve all seen stories in the media about companies making errors with their billing and their customers being charged an over inflated amount; the decimal point being in the wrong place, the computer system errors, the reasons can be many and varied. Imagine a vulnerable relative faced with the complexities of a billing error, trying to navigate the complications of telephone-based customer service teams, internet account management, and trying to unravel the puzzle of why their monthly charge was higher than usual.
This is the challenge that Risk Evolves is helping a client to resolve.
Not that Risk Evolves usually provide services to consumers, but in this instance their client was a housing association who had a vulnerable tenant confronting exactly this scenario.
The opportunity arose when Anna Walters, Senior Consultant at Risk Evolves, was delivering some data protection training to a small charity who provide housing and support to financially vulnerable adults. When they started talking about the data protection rights we all have, there were some knowing looks amongst the participants.
It didn’t take long to work out that a vulnerable tenant may be able to use the right of access, often referred to as a Subject Access Request (SAR). This right allows us to ask for a copy of our personal data, which could be contained in emails, transcripts of telephone conversations, paper notes, computer files, and so on. In this instance, we recommended that the right should be used to gather evidence, including copies of previous communications, the information on what the invoicing was based and records of payments that had already been made.
The second right that the team felt could be applied, another of the eight that make up our individual data privacy rights, is the right to restrict any further processing of the personal data, allowing the tenant to request a temporary pause in debt collection activity. This was especially important for the consumer who felt that the activities may have had a negative impact on their credit status whilst the accuracy of the billing data was being checked and the query concerned being resolved.
But how did we do this?
By writing a simple email to all the parties involved. Each party was asked for a subject access request which allowed the individual to receive a copy of their personal data, and to apply a temporary restriction to the debt collection activity while the accuracy of the billing data was being reviewed. Typically, an organisation then has a calendar month to respond. However, these things can take time though, especially if the organisation receiving the requests doesn’t have the appropriate processes in place to service them. By having all the information at hand, it was then possible to prove the billing errors and achieve a satisfactory outcome, and an apology.
Anna was delighted to be able to bring these rights to life for her client, providing them with the opportunity to support a vulnerable tenant. She said,
Privacy is a human right afforded to all of us, and the data protection laws provide us with fundamental rights as to how organisations should treat our personal data. This case is an example of how important it is to understand these rights and to be able to exercise them, or to support others in doing so. We all trust organisations to process our data accurately and fairly, and where this isn’t happening, it can feel like we’re at the mercy of the intransigence of these large organisations. Knowing our rights can tip the balance back in our favour and allow us to challenge unfair and unfounded decisions and errors.
To learn more about individual rights in relation to data privacy, please contact: Anna_walters@riskevolves.com
Further information on your data privacy rights can be found on the ICO’s website: https://ico.org.uk/your-data-matters/
