Posted by Mark Birchenough on February 5, 2018
The Department for Digital, Culture, Media and Sport (DCMS) recently published the results of its research into preparation for the new GDPR legislation which comes into force on 25 May 2018. The link to their findings is at:
The DCMS research revealed that, out of a survey of 569 charities, only 44 % of charities in the UK are currently aware of the existence of GDPR and far fewer have actually done anything in preparation for its implementation.
Just over a quarter of those aware of GDPR have made changes to their operations in preparation for the introduction of GDPR with the main changes being to cyber security practices and policies.
GDPR stands for General Data Protection Regulation which is a new law that places more stringent rules on how organisations store and use personal data. Organisations will need to have a lawful basis for processing personal data which will include data held about employees, donors, and those on marketing lists. Every organisation will need to be able to demonstrate that it has provided suitable notice to each individual which will include details about the purpose for holding their data, for how long it is held, and who they can contact to make an enquiry or complaint.
We recommend that every charity takes steps now to raise awareness of GDPR and begin making plans and preparations for its introduction in May. Actions should include:
Further information and guidance on preparation for GDPR can be found in Will Hanbury’s blog last month.
Breaches of GDPR may attract a fine and may also lead to reputational damage so action must be taken now to be ready for when it comes into force.
If you have any queries or concerns about the introduction of GDPR please feel free to discuss this with your usual Bishop Fleming contact.