Medway Volunteer Network

Read More >

New Training Brochure - Voluntary Sector

View Now >

New Training Brochure - Private Sector

View Now >
Role of a Trustee
Role of a Trustee
This course is for trustees and staff who want......read more

31-Jul-2018Are you Worried About your Child being Criminally Exploited? – Advice and Resources from MSCB Do you think a child you know may be involved in selling drugs or other types of criminal activity? Have you seen a..

Data Protection Reform – May 2018

21-Nov-2017


The revisions for Data Protection law are due to take effect from 25th May 2018, and organisations are being advised to prepare for the changes.

In roughly six months’ time, the rules surrounding Europe's data protection policies will be going through their biggest changes in nearly 20 Years.

Since their creation in the 90s, the amount of digital information we create, the information we capture, and the amount of information we store has vastly increased:

As a result, the existing regulations can be seen as no longer fit for purpose.

The solution is the mutually agreed General Data Protection Regulations (GDPR), which will come into force on 25th May 2018. It will change how businesses and sector organisations can handle the information of customers and clients.

GDPR will replace the existing Data Protection Directive from 1995 and is designed to work with and complement data privacy laws across Europe, as well as protect and empower all EU citizens’ data privacy and reshape the way organizations across the region approach data privacy.

This will mean that every organisation or group that processes the personal information must adapt their data handling, information security, compliance processes and contractual relationships by 25th May 2018.

The sentiment from the National Council for Voluntary Organisations (NCVO) is that the new laws will cover everyone whom companies and businesses keep personal data about; this includeS employees, volunteers, service users, members, supporters and donors.

The NCVO say that the legislation:

  • Will ask organisations to register if they keep records
  • Will govern the processing of personal data; this including 'personal sensitive data'
  • Will require organisations to recognise and abide by the eight principles for data protection
  • Will give employees, service users and other contacts the right and freedom to request to see the personal data held on them.

The NCVO advises that every organisation should have a written policy and procedure that is specific to their context about how they handle personal data and enforce privacy principles.

GDPR, however, is not just a tick box exercise - it will need all staff and volunteers to take on and recognise new methods of work.

Although this is seen to possibly be the biggest overhaul of data protection laws for over 20 years, and is introducing new requirements for how organisations process personal data, GDPR is an evolution, not a revolution.

The existing Data Protection Act already requires that data is processed fairly and lawfully, so charities should NOT have too much more to do.

So there is no need to panic – the changes to the existing laws can be taken as an opportunity to review how you process data already and make sure you have plans in place to make the changes needed to be ready for May 2018.

The Information Commissioner's Office (ICO) is the regulator for data protection and privacy law, and their website is a source of information and support to help organisations and charity groups prepare for the changes. Their help includes:

At the time of writing, ICO will also provide an advice service by phone.

You will be able to call them on 0303 123 1113 or 0162 554 5745. You can also email ICO at casework@ico.org.uk.

MVA will also be publishing a series of articles based around the ICO’s 12-point plan to help organisations prepare for the changes.

For more information, visit the ICO website.


 


Comment

No Very





Captcha Image