GDPR – where to start

17 August 2017

GDPR - where to start... the countdown has started

By Jenny Parsons, ProTech COO

If you are able to answer honestly that yes, your Not for Profit (NFP), membership organisation or association is on top of how to ensure General Data Protection Regulation (GDPR) compliance, then you are one of the lucky ones and would do well to share how you have achieved this with others in the sector.

For those NFPs still striving to get their heads around GDPR - which will apply from 25 May 2018 - and where to begin, one of the first actions should be to check how far along the GDPR compliance path your CRM provider is - after all your members’/customers’ data is ‘stored’ in your CRM provider’s solution.

You can read how the leading CRM providers working within the NFP market are already approaching GDPR on the Hart Square website. Hart Square is an independent CRM and technology consultancy so can be viewed as a trusted source of information.

To make sure that you are comfortable with the progress your CRM provider is making along its compliance pathway, it would be very helpful to look at the Information Commissioner’s Office (ICO) Preparing for GDPR – 12 steps to take now. The content is very easy to understand and includes a very useful infographic.

The ICO’s 12 steps also provide a guide as to what your NFP organisation needs to be doing to ensure its own GDPR compliance.

A word of warning, the ICO’s information commissioner Elizabeth Denham has warned that not everything written or said about GDPR is true.

In a recent article (10 Aug) its highly-respected Security Editor, Warwick Ashford writes that Denham has assured UK businesses that they will not be hit with fines for minor infringements and that maximum fines will not become common.

Denham warns that if misinformation goes unchecked, there is a risk that we will lose sight of what GDPR is about – greater transparency, enhanced rights for citizens and increased accountability.

To ensure that this does not happen Denham will be publishing a series of blogs to ‘bust the myths’ and ‘separate fact from fiction’ thereby helping organisations to be compliant by 25 May, 2018. Read her latest blog here and watch out for the rest of the series.

You may also have read about the recently announced Data Protection Bill and perhaps been a little confused as to how it fits in with GDPR. Warwick Ashford helpfully explains that the Bill is part of the government’s plans to bring UK data protection law into line with the GDPR.

According to Digital Minister, Matt Hancock, the Data Protection Bill will mirror GDPR and help achieve the government’s goal of ensuring an unhindered exchange of data between the UK and EU after Brexit.

That’s got to be good for us all.


Sign up to our newsletter and brochure

Continue to learn more about ProTech’s lastest news, insights, software updates and forth coming releases. Sign up for our newsletter and request a brochure.     SIGN UP HERE

Latest News