Data Protection - guidance and support

9 Mar 2018 Sandra Bailie    Last updated: 10 Mar 2018

NICVA has been working closely with the Information Commissioners Office (ICO) to help inform the sector about and prepare the sector for the General Data Protection Regulation (GDPR) taking effect from 25 May 2018.

In NICVA we have also been preparing ourselves for the new regulation by setting up a GDPR working group, doing an audit of all our data and data processes, improving our data security and reviewing our policies and procedures with regards to data. It is a work in progress and we continue to work closely with the staff to inform them of the changes and work out how best to comply.

The Data Fridays started in November 2016 and over this time we have been on a learning journey as the GDPR has developed and we have understood more about what it means in practice. It is principle based legislation and as such requires us all to take the principles and decide how we implement them in our organisations. This can be challenging as often there is not a straight-forward answer to our queries and we have to make a judgement that we can justify and stand over.

The key issue for us all is treating everyone’s personal data with the respect it deserves and increasing documentation, transparency and accountability. We want to be organisations that value people and their data and are trusted to process and manage our donors, supporters, service users, members, volunteers, trustees and staff data in the best way possible.

Many organisations are now in the midst of preparing for GDPR and making changes to current policies and procedures. It is vital that all trustees, staff and volunteers embrace the new procedures and work to ensure that data is protected according to GDPR.

We want to help you prepare for GDPR and support you on your journey

Information and guidance

Data protection legislation covers everyone about whom you keep personal data. This includes employees, volunteers, service users, members, supporters and donors. The legislation requires organisations to comply with eight principles for data protection. Every organisation should have a written policy and procedure that is specific to their context about how they handle personal data and enact privacy principles.

In addition to the articles and resources that NICVA have written there is some excellent guidance available from ICO and other sources for example:

Awareness and training

Data Fridays - Over 600 people have attend the Data Friday’s in 2017 and these sessions have increased awareness of GDPR and taken us on a journey of preparation and fuller understanding of what it means for us as organisations in the voluntary and community sector. We will continue offer these sessions over the next months and develop more specific sessions on particular issues. The dates for the next Data Fridays are - 9 March, 27 April, 25 May and 2 June, more details to follow.

Training calendar - Introduction to GDPR webinar (free to NICVA members) and Getting Ready for GDPR practical workshops 18 April and 9 May 10am-1pm

Bespoke training - We are also providing training sessions to other networks and groups of organisations such as Rural Community Network, North West Community Network, Faith based organisations, Organisations in East Belfast - as much as our current capacity allows.'s picture
by Sandra Bailie

Head of Organisational Development

[email protected]

Share your COVID-19 support service

Organisations providing support to people and communities can share their service information here

> Share your support

Not a NICVA member yet?

Save time, money and energy. Join NICVA and you’ll be connecting in to a strong network of local organisations focused on voluntary and community activity.

Join Us

NICVA now welcomes all small groups for free.