GDPR has been a hot topic for most people within charitable organisations this year.
Here are the ICO’s top five data protection tips for small and medium sized charities:
- Tell people what you are doing with their data
People should know what you are doing with their information and who it will be shared with. This is a legal requirement (as well as established best practice) so it is important you are open and honest with people about how their data will be used.
- Make sure your staff are adequately trained
New employees must receive data protection training to explain how they should store and handle personal information. Refresher training should be provided at regular intervals for existing staff.
- Use strong passwords
There is no point protecting the personal information you hold with a password if that password is easy to guess. All passwords should contain upper and lower case letters, a number and ideally a symbol. This will help to keep your information secure from would-be thieves.
- Encrypt all portable devices
Make sure all portable devices – such as memory sticks and laptops – used to store personal information are encrypted.
- Only keep people’s information for as long as necessary
Make sure your organisation has established retention periods in place and set up a process for deleting personal information once it is no longer required.
With MuchLoved’s Tribute Fund platform you can clearly tell users of the service what you’re doing with their data, how you are storing it, present the opportunity to sign up to marketing in the way they want and provide details of how they can amend their preferences. Ticking one of the ICO’s top five data protection tips.
For more information on MuchLoved’s integrated Tribute Fund Platform please get in touch firstname.lastname@example.org