By  at Forum Central

As you will probably know there is a growing amount of discussion about General Data Protection Regulations (GDPR) which come into force in May 2018 and Voluntary Action Leeds (VA-L) have been receiving an increasing amount of calls from local third sector orgs about it (most very worried).  Similarly they’ve had groups contacting them about the new(ish) Information Governance Standards in health structures (which have similar expectation to GDPR) and how they can help them be compliant (and having just achieved level 2 in IG they know what is expected).

Voluntary Action Leeds  will be doing the following the try and address these issues:

  • Putting some guidance on the Doing Good Leeds website – including links to the new guide by the Information Commissioners Office (ICO). The guide is designed for those dealing with day-to-day responsibility for data protection and includes a useful ‘12 steps to take now’ section. https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/.
  • They have sourced high quality training which will be free to local groups with a turn over of less that £20,000 (for others there will be a fee to cover costs)  – the first of these will be in the new year (it’ll soon be on the Doing Good Leeds website)
  • Within GDPR, there is a need for systems and processes to be independently audited; this can be done internally if you have sufficient size but for smaller groups (handling sensitive information) it may need to be externally sourced so VA-L are exploring options here – either large groups supporting smaller ones, mutual support through a buddy system or whether there needs to be a service offered to carry out this function.