Good Data Protection compliance is not just a legal obligation; it also demonstrates that an organisation takes a responsible attitude to the information it holds about the people it works for, the people it works with and the people who support the work.

Most voluntary organisations have gradually become familiar with their responsibilities under the current Data Protection Act 1998, and many are aware that this will be replaced on 25th May 2017 by the EU’s new General Data Protection Regulation (GDPR).

GDPR is not a radical departure from the current situation, but it does introduce some important changes in the rules about how data may be legally handled and in the responsibilities of organisations.

At the same time, recent changes in the way fundraising and direct marketing are regulated mean that all charities have to review their current practice.

This course will:

• Ensure that all participants are confident about the basics of Data Protection, both now and in the future
• Put Data Protection in context – looking at its relationship to confidentiality, for example
• Explain fully the changes that GDPR will introduce and how the new requirements might be met
• Explore in detail the issues that will particularly affect small- and medium-sized charities
• Explore the options available to charities in their fundraising and direct marketing activities
• Enable participants to draw up an action plan

Who should come (orgs/people/roles)

The course does not require any prior knowledge of Data Protection. It is most suitable for people who have some responsibility for Data Protection, either at the organisational level (especially if they have been designated the organisation’s Data Protection Lead) or as a team or department manager. Fundraisers, communications officers, database managers and people with a compliance role should find it particularly useful.

Three reasons why people should come

1. In the past charities may have thought they would get an easy ride from the Information Commissioner. Not any more. If you don’t understand your organisation’s obligations, the result could be enforcement action, up to and including heavy financial penalties.
2. There is a lot of misinformation about GDPR, and some organisations are in a bit of a panic. The course will dispel rumours; the material is rooted in a thorough understanding of the text of GDPR itself and what it means.
3. Data Protection is really about people, not data. People – and the issues they face – are interesting. (And it’s always good to talk things through with people in the same boat)

Book here