Why charities must act now to get ready for new data protection law
New legislation called the General Data Protection Regulation (GDPR) will come into force in May 2018, both here in the UK and across the EU, bringing a more 21st century approach to the processing of personal data. That means more protections for consumers and more privacy considerations for organisations.
In partnership with NICVA, we recently ran two sessions aimed at trustees and senior leaders in the charity sector to raise awareness of the changes coming to data protection law next year. For coverage of the day, NICVA has put together a very useful overview which you can find here.
The new legislation will need charities to look carefully at the way they do things. GDPR places more obligations on organisations to be accountable for their use of personal data, for example with strengthened rules regarding consent and duties about reporting data breaches.
GPDR also requires greater transparency regarding the way in which people’s information is used. Citizens will have more rights in areas such as being better informed about what organisations are doing with their data and having greater access and control over their data. For example, in certain circumstances people will have the right to request that data about them is erased.
GDPR means bigger fines for those organisations that get it wrong: failure to comply can have both reputational and financial costs.
We’d much rather it didn’t come to that though. The ICO is here to help charities through this important change. There’s a wealth of materials on our website to help businesses. At the ICO we understand the importance of clear English guidance for charities.
Pages on our website are dedicated to GDPR and include:
- 12 steps to take now – if all this is new to you, there’s still time to act. You can begin by looking at our 12 steps to take to get you started.
- Overview of the GDPR - this is a living document that will be added to as more guidance is produced, both by us and in Europe.
- Data protection self-assessment toolkit - giving you the ability to compare what you are currently doing around data protection and what you should be doing under the new regulation
Charities can also call the ICO helpline on 0303 123 1114 or make use of our live chat service.
We will also be continuing our Data Friday series at NICVA where we will talk about GDPR and the next seminar is scheduled for 18 August 2017. Find out more and book your place here.