Media Hub

Charities need to act now to be GDPR compliant
25 May 2018

GDPR, the new Europe-wide data protection law intended to provide greater protection around personal data, comes in to effect later this week and whilst its imminent arrival has been long spoken of, questions still abound as to what an organisation’s responsibilities are. 

Stuart Rea, Head of our Charity and Not-For-Profit team, explains what the implications are for charities and what they need to do to ensure compliance.

“Unless you’ve been living off-grid or haven’t opened your emails in the past few months, it’s unlikely that you’ll have missed hearing about GDPR.  You may, however, have felt that it was still a way off and you’d turn attentions to it at a later stage.  Well that time has come and simply, you cannot ignore this anymore.

“From Friday May 25th, every organisation that handles personal data will need to ensure compliance and as a charity that means that if you ask for, receive or hold personal information from others (notably your donors, users of your services and volunteers and staff) then these regulations will apply.

“The Information Commissioners Office is the regulator responsible for GDPR and its website contains a wealth of information to help you understand its detail.  It even has a dedicated page for charities, as does The Charity Commission.

“Hopefully, you’ll have met already with your trustees to discuss how you currently manage the data you hold, how you plan to improve this moving forward, and what your plans will be for newly acquired data in the future.  If, however, for any reason you haven’t then I’d strongly urge you to visit these online resources as a matter of urgency or contact your team of charity advisors at FBC Manby Bowdler.”

The ICO has guidance on how to meet the regulations standards. You can also find guidance from the Charity Commission.

For more information about GDPR and best practices for your charity, visit our GDPR page or contact Stuart on 01743 284159,

Meet Stuart Rea