On 25 May 2018, the General Data Protection Regulation (GDPR) came into force. The aim is to bring data protection legislation into line with how personal data is used in today’s world, and will supersede the Data Protection Act 1998. The GDPR applies to ‘controllers’ and ‘processors’ of data. It will also:
- strengthen rules around personal data
- place a duty on organisations to be more accountable and transparent
- give individuals greater control over their personal data.
The Information Commissioner’s Office (ICO) has now opened a dedicated helpline for small businesses and charities, to help prepare them for the new law. You can read more about the helpline and other resources available on the ICO website. All charities should check the ICO website regularly for updates, and follow all guidance issued by the ICO about GDPR. The ICO have published a list of questions for small charities, signposting them to the ICO’s specialist helpline for small organisations and its self-assessment tool.
See further guidance here; https://ico.org.uk/for-organisations/sme-web-hub/