Aug 16

Free Data Protection check up from ICO

Information Commissioner's Office

Get a free health check of your DPA compliance

Data Protection is a serious issue. Given the amount of personal details charities hold, not only about donors but also about internal staff, it’s important to ensure you are complying.

This is not just to ensure you avoid the fines and even custodial sentences that serious breaches can bring, but also to keep the trust of your donors and staff.

Many of the guidelines I mentioned here, in preparing for inspections, can be applied to preparing your Data Protection compliance, such as identifying processes, allocating responsibilities and document control.

Other ideas, from the ICO website, include:

  1. Tell people what you are doing with their data. People should know what you are doing with their information and who it will be shared with. This is a legal requirement (as well as established best practice) so it is important you are open and honest with people about how their data will be used.
  2. Make sure your staff are adequately trained. New employees must receive data protection training to explain how they should store and handle personal information. Refresher training should be provided at regular intervals for existing staff.
  3. Use strong passwords. There is no point protecting the personal information you hold with a password if that password is easy to guess. All passwords should contain upper and lower case letters, a number and ideally a symbol. This will help to keep your information secure from would-be thieves.
  4. Encrypt all portable devices. Make sure all portable devices – such as memory sticks and laptops – used to store personal information are encrypted.
  5. Only keep people’s information for as long as necessary. Make sure your organisation has established retention periods in place and set up a process for deleting personal information once it is no longer required.

(read full post here)

They also offer more guidelines for charities here.

In order to help the charity sector, they are now offering a free health check of your Data Protection processes, which I recommend you snap up as soon as you can!