Document Control

Landlords and property managers utilize a large number of different documents. Some are used regularly, others only occasionally, and many landlords may never have need for certain ones. Use of adequate documentation is important for selecting good tenants, minimizing misunderstandings and the conflicts that often result from misunderstandings, meeting requirements of laws, and providing paper trails that provide proof of what really happened in case an applicant or a tenant wishes to dispute a matter.

Control of all documentation related to rental property is very important. Fair housing is often the most mentioned documentation issue, particularly regarding tenant screening and selection issues, however, adequate control can also be important for a variety of other issues.

Tenant screening documents are arguably the most important because they typically contain a considerable amount of detailed personal information that, if it falls into the wrong hands, can result in serious damage to an applicant’s, tenant’s, or employee’s finances, reputation, or privacy.

Of particular importance are those documents that contain identifying information such as date of birth, past and current residence, spouse name, Social Security number, bank account and/or credit account information, and other information of possible interest to an identity thief. Application forms and credit reports are usually the documents that contain the largest number of personal information items and are of obvious concern. However, other documents can also contain items of personal information. Screening information other than credit reports are in this class.

There is also the risk of incorrect information creating problems. Incorrect information can appear in any type of screening report. This is why an applicant should usually have a chance to explain derogatory information on a credit report or other screening item and one of the reasons why the FCRA requires an adverse action letter be provided to applicants when rejection occurs as a result of credit information. Also, it is possible for a criminal report to show the record of someone with the same name as an applicant, but is not the applicant.

The Fair Credit Reporting Act (FCRA), enforced by the Federal Trade Commission, was designed to promote accuracy and ensure the privacy of the information used in consumer reports. The term ”consumer report” as used in the FCRA means any written, oral, or other communication about an individual’s personal credit worthiness, character, and general reputation. Enacted in 1970 and substantially amended in the late 1990s and again in 2003, the FCRA regulates how credit reporting agencies use credit information, restricts access to that information, and regulates the manner in which that information can be used. The amended Fair and Accurate Credit Transactions Act (FACTA), passed in December 2003, added new regulations for identity theft protection, credit report access, and data privacy.

Although most documents not related to screening do not normally contain personal information that is likely of concern, such is not always true. If important personal information such as Social Security number or date of birth appears on any document, the same care should be taken as for an application form or credit report.

In the worst case, information contained in documentation can result in identity theft. Identity theft can result in a landlord having to defend against potential claims, lawsuits, and/or governmental prosecutions related to failure to adequately safeguard the documentation of applicants, current tenants, and past tenants. When the problem is due to improper control of documentation, a judge or jury may award significant damages.

There are a few other documents related to screening that, while not likely a concern regarding ID theft, could be a source of embarrassment to individuals and could result in litigation against a landlord, particularly if the information is erroneous.
Document control can be divided into three parts:

o Security – how documents must be stored and who may access them
o Retention – what documents must be retained and for how long
o Disposal – when and how documents should be destroyed

Security

Landlords must protect the privacy of consumer information and reduce risks of fraud and identity theft. Sensitive information obtained directly from applicants, tenants, or employees; consumer reports; and information from employers or previous landlords must be properly secured and access restricted.

Landlords, property managers, and employers must safeguard all documentation containing information regarding applicants, tenants, and employees. This includes both paper files and computer files.

Paper records must be secured inside a well-built cabinet under lock and located in a secure area. Information and computer programs that can access that information stored on a computer or portable devices must be secured by password protection to prevent unauthorized access. It is recommended that access to online systems be restricted to a designated terminal which is located in a secured area. Backup diskettes, flash drives, and hard drives should be located in a secure area. Preferably, such items should be locked up with the paper records.

In all cases, access to records must be limited to trusted individuals and only on a need-to-know basis. In other words, even trusted personnel should not have access to the records unless access to the records is necessary for performance of their job tasks.

Procedures should be established to restrict access and adequately protect all sensitive information after normal business hours.

When those having access to critical documentation are no longer associated with the business or even are no longer employed in a capacity requiring access, key locks should be rekeyed, combination locks changed, and computer passwords changed.

Failure to follow appropriate procedures regarding security of personal information of applicants and tenants can expose landlords to lawsuits by those parties and to penalties under the Fair Credit Reporting Act (FCRA), as amended by the Fair and Accurate Transactions Act of 2003 (FACTA), which requires certain security procedures when storing or disposing of information about applicants and tenants.

Retention

Landlords need to keep records on all inquirers, applicants, current tenants, and past tenants. Although fair housing is often the most important issue, retention can also be important for security deposit disputes, maintenance matters, and a variety of potential health, safety, and security issues.

Documentation related to all marketing, applications (whether withdrawn, rejected, or accepted), and occupancy, should be retained. In other words, absolutely everything related to every inquiry, application, and tenancy should be kept. The best defense against a Fair Housing or any other type of claim is being able to produce a set of records that shows consistent nondiscriminatory application of written screening and selection criteria.

While the retention period will usually be in the range of 2 to 5 years, it can depend on the type of document, the statutes of the particular state, and when the plaintiff discovers he has been damaged.

Disposal

Landlords and employers must also eventually destroy all documentation containing personal information regarding applicants, tenants, and employees when it is no longer needed.

When there is no longer a legitimate business need to retain an applicant’s, tenant’s, or employee’s credit report, FACTA requires disposal of the credit report along with any information taken from such report in a manner that guarantees destruction of the information.

The level of document destruction should be reasonable within the context of the business. This usually means the burning or shredding of paper documents. For computer documents, it is not sufficient to only delete files by sending them to the computer’s recycle bin. Although permanently deleting the files from the bin is better than not, it is best that a computer utility program be used to erase the data completely by deleting the directory and text files.

Failure to comply with the law can result in costly fines and damages by the FTC and/or state agencies as well as tenants’ or employees’ lawsuits for actual and punitive damages and attorney fees for each violation. Inadequate security or improper disposal can be costly in both time and dollars related to enforcement by the FTC and/or state counterparts. Liability can include actual damages – e.g., charges against an individual’s credit card – and/or damages of $100 to $1,000 per violation, attorney fees, and costs.

Licensees

For property managers, who are regulated by a state licensing agency, the records which must retained and the period of time for which various records must be retained are defined by state statutes and/or regulatory agency regulations and the periods may be different than for landlords managing their own properties. Penalties for licensees are almost always significantly greater than for non-licensees, particularly as it can affect their continuing in the business. Licensed managers must know the laws and regulations for their states and follow them closely in order to avoid potentially serious penalties including license suspension or revocation.

© Copyright 2000-2010 YouCheckCredit.com. All rights reserved.