Data Protection - guidance and support
In NICVA we have also been preparing ourselves for the new regulation by setting up a GDPR working group, doing an audit of all our data and data processes, improving our data security and reviewing our policies and procedures with regards to data. It is a work in progress and we continue to work closely with the staff to inform them of the changes and work out how best to comply.
The Data Fridays started in November 2016 and over this time we have been on a learning journey as the GDPR has developed and we have understood more about what it means in practice. It is principle based legislation and as such requires us all to take the principles and decide how we implement them in our organisations. This can be challenging as often there is not a straight-forward answer to our queries and we have to make a judgement that we can justify and stand over.
The key issue for us all is treating everyone’s personal data with the respect it deserves and increasing documentation, transparency and accountability. We want to be organisations that value people and their data and are trusted to process and manage our donors, supporters, service users, members, volunteers, trustees and staff data in the best way possible.
Many organisations are now in the midst of preparing for GDPR and making changes to current policies and procedures. It is vital that all trustees, staff and volunteers embrace the new procedures and work to ensure that data is protected according to GDPR.
We want to help you prepare for GDPR and support you on your journey
Information and guidance
Data protection legislation covers everyone about whom you keep personal data. This includes employees, volunteers, service users, members, supporters and donors. The legislation requires organisations to comply with eight principles for data protection. Every organisation should have a written policy and procedure that is specific to their context about how they handle personal data and enact privacy principles.
In addition to the articles and resources that NICVA have written there is some excellent guidance available from ICO and other sources for example:
- Preparing for GDPR 12 steps to take now
- Frequently asked questions for charities
- Checklist for data controllers and data processors
- Fundraising regulator and IOF – GDPR and charitable fundraising guidance
- NCVO Knowhowtononprofit How to prepare for GDPR
- Inspiring financial leadership – GDPR guide for charities
Awareness and training
Data Fridays - Over 600 people have attend the Data Friday’s in 2017 and these sessions have increased awareness of GDPR and taken us on a journey of preparation and fuller understanding of what it means for us as organisations in the voluntary and community sector. We will continue offer these sessions over the next months and develop more specific sessions on particular issues. The dates for the next Data Fridays are - 9 March, 27 April, 25 May and 2 June, more details to follow.
Bespoke training - We are also providing training sessions to other networks and groups of organisations such as Rural Community Network, North West Community Network, Faith based organisations, Organisations in East Belfast - as much as our current capacity allows.