Data protection
Data protection and GDPR (General Data Protection Regulation) are the legal requirements of all groups working with personal data. Personal data is information about a person which identifies them, such as their name or address. Sensitive data is information that could be used to target someone such as their ethnicity, health or sexual orientation and requires protection. However, there are some simple things your group needs to consider and understand to make sure you deal with data to keep it safe and avoid data being seen by those who might misuse it.
If you keep your data on a computer, you need to consider cyber security which is about keeping data secure from those that might seek to misuse it by accessing it remotely.
Top tips and things to remember
- Only collect the data which you need. This might be names and email addresses. For example, if you need to know if people live locally but don’t intend to post anything to them you can collect their postcode and not their full address.
- A simple GDPR policy and privacy policy should be created to highlight how your group processes and deals with data and how you would deal with a data breach.
- Have a written statement called a privacy notice explaining what you will do with people’s data, how long you’ll keep it and how you will keep it safe. Ask people to tick a box to say that they agree to you contacting them by email or by phone. You also need to tell them how they can ask you to delete their data.
- Try not to keep data on someone’s computer, instead use cloud systems with passwords which can be changed when roles change. Be careful when emailing groups. Always BCC your contact group so as not to share email addresses without the consent of everyone. This is a data breach.
- Password protects files kept on a computer and only allows access to those who need to know. Do not keep personal data on unencrypted memory sticks.
Need more support?
If you need more support or one-to-one advice on this topic, get in touch with either Hunts Forum or CCVS. We have knowledgeable staff who can advise and offer more support suitable for your organisation. If you are not sure which organisation to contact email us at info@supportcambridgeshire.org.uk, and we will pass you on to the right person.
Local resources
More information about data protection can be found on the Information Commissioner’s website.
Information Commissioners website
Cambridgeshire Constabulary have information on its website about cybercrime and things to look out for.
Cambridgeshire Constabulary website
Local training
Support Cambridgeshire has partnered with VSL Consulting to offer CPD-certified Safeguarding (Children and adults), GDPR and Cyber security training for all VCSE groups. This low-cost training allows you to sign up your staff and volunteer to complete training in their time. To access this training click here. Ensure you mention ‘Support Cambridgeshire’ to obtain your discount; otherwise, it may not apply.