The General Data Protection Regulation (GDPR) story didn’t end on 25 May. Far from it, because ensuring compliance continues indefinitely. Indeed, the GDPR provides individuals with an extended and ongoing set of rights in relation to the collection and processing of their personal data; and places an increased and ongoing level of transparency and accountability on organisations.
Nor is GDPR the final say on data protection law. A new European e-Privacy law is expected soon; and the new Data Protection Act 2018, adds additional aspects to the GDPR. So going forwards, data protection should remain a key governance issue.
Fortunately there is a wide range of useful guidance available online, and you will find links to some of these below. But Green Pepper has produced some resources of its own that will be of use to VCSE and similar organisations. These are described here:
Check your current level of compliance with Green Pepper’s checklist Reviewing GDPR Compliance (pdf)
Starting from scratch? Download Green Pepper’s checklist Are You GDPR Compliant? (pdf)
Are you providing the right information about your data processing? Download Green Pepper’s checklist Checklist: Privacy Notices (pdf)
Download Green Pepper’s Cyber Security Checklist (pdf)
Want to carry out a data audit? Download Green Pepper’s Data Processing Audit Form (pdf)
Download Green Pepper’s 4-page briefing An overview of the GDPR (pdf)
Download Green Pepper’s briefing Consent in data processing (pdf)
Download Green Pepper’s briefing Legitimate Interest and Data Processing (pdf)
Download Green Pepper’s briefing Processing childrens data (pdf)
Download Green Pepper’s briefing Special Category and Criminal Conviction Data (pdf)
Training and consultancy:
Need some practical training? Green Pepper will be running some future workshops about data protection so please look out for details on this website and on social media.
If you require some help and advice for your organisation, Green Pepper can provide consultancy on an hourly or daily basis. Please contact David Green to find out more on 01858 456211 or use the contact page on this website.
The following links take you to external websites:
ICO: Guide to the General Data Protection Regulation
ICO: Lawful Basis for Processing using Legitimate Interest (detailed guidance)
CFG: General Data Protection Regulation: A Guide For Charities
IoF: GDPR, The Essentials for Fundraising Organisations