The EU General Data Protection Regulation (GDPR) will increase privacy for individuals and give regulatory authorities greater powers.
VAC will be producing a series of briefings, starting with an introduction and leading to practical guidance for local organisations followed by a seminar in late 2017.
Data protection law will change from 25 May 2018, when the EU General Data Protection Regulation (GDPR) comes into force, giving enhanced protection of individuals’ data.
For practical high-level tips, see ICO’s guide to the 12 steps to take now. Among other changes, the GDPR gives a much tighter definition of consent.
Experts agree that currently the official guidance lacks the level of clarity required. However, detailed guidance will follow. The first piece of detailed ICO guidance, as part of a series of practical guides to be developed in the ICO’s plans, won’t be published until December 2017.
It’s worth saying that much of the debate and discussion in the sector and the media has been dominated by fundraising and whether doners will decide to opt in or opt out.
NCVO have an interesting blog post that sets out current thinking by the sectors main umbrella body.
Links and Resources
The Information Commissioner’s Blog – a series of blog posts exploding myths about GDPR
The Voluntary Arts guide to GDPR is a straightforward guide to the General Data Protection Regulation aimed at small arts organisations but applicable to any small organisation. It has good advice on making sure newsletters, mailing lists and data bases are all GDPR complaint. You can download it here.
The ICO published its main guidance, which is aimed at all organisations, in November.
The ICO has now published 12 frequently asked questions for charities, which draws on wider guidance to GDPR and directs users to other resources, such as the ICO’s self-assessment tool and its dedicated advice line for small organisations.