Are you ready for Data Protection D-Day?
Don’t bury your head in the sand! Prepare now for GDPR – the new data protection regulations which will come into force on 25 May 2018.

OK, so data protection may not be a topic that you find particularly exciting. But like many of us, you may have read some of the horror stories about organisations that have misused personal data and as a result have been fined by the ICO. For our sector, the threat of financial penalties is scary, however, the risk of reputational damage is just as big a cause for concern. The loss of public trust and confidence can be devastating for charities and voluntary organisations and the ripple effect can have wider implications for our sector.

So what can we do to minimise the risks and ensure your organisation is ready for GDPR? Here are five tips to help you get started:


1. Make the Information Commissioner’s website your first port of call     

Here you’ll find blogs busting the myths around GDPR, training videos, tools, checklists and a 12 step guide to help you prepare for 25 May 2018.




2. Get your house in order
Make sure everyone in your organisation knows that GDPR is coming and it’s going to have an impact. Your staff, trustees and volunteers should be aware of the importance of managing sensitive personal data correctly. Remember – it’s your trustees that are ultimately responsible if anything does go wrong. NCVO have also produced a 12 point plan.




3. Personal data – what, where and who?
Due to the nature of our work, most VCS organisations hold what can be termed as ‘personal data’. You should know what personal data you have, where it came from, and who you share it with. You should have a retention scheme that considers legal requirements and organisational needs. Any personal data you no longer need should be securely destroyed.




4. Avoiding Breaches
Data breaches are a real concern, so it helps to ensure you have the right procedures in places to detect, report and investigate a personal data breach. Also know when you are required to report a breach.




5. Keep Calm and Carry On (But don’t bury your head in the sand!)
Don’t be alarmed, there is information and support out there. As well as the ICO information, WVSC is running a FREE GDPR session on 30th November for Wolverhampton based Voluntary and Community Sector organisations.

This will be an opportunity for us to look at the information together and share concerns and solutions that will lead to greater confidence in preparing for the May deadline. Please book your place here.

We can also help you review your organisation’s data protection policies and procedures, if you would like some support, please email:



Print Friendly, PDF & Email