The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR). If you hold and process information about your clients, employees or suppliers, you are legally obliged to protect that information. Under the Data Protection Act 2018 you must make sure the information is: used fairly, lawfully and transparentlyused for specified, explicit purposesused in a way that is adequate, relevant and limited to only what is necessaryaccurate and, where necessary, kept up to datekept for no longer than is necessaryhandled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage If you handle personal information you may need to register with the Information Commissioner’s Office (ICO) as a data controller. Notification is a statutory requirement and every organisation that processes personal information must notify the ICO unless they are exempt. Failure to notify is a criminal offence. The ICO has an online Data Protection Self-Assessment Toolkit which provides a ‘health check’ of where organisations are currently in relation to the specific areas covered in the toolkit: records management, security and the handling of subject access requests. About Data Protection The ICO has produced lots of resources about Data Protection for organisations which includes tools to assess your lawful basis for processing personal information and resources for reporting a data breach. Organisations can also sign up to the ICO E-newsletter to stay up to date with new guidance as and when it is released. The ICO advice service for small organisations Tel: 0303 123 1113 Learn more We have a series of Data Protection courses which are open to all voluntary sector organisations, with a discount for SCVO members. Resources Guide to Data Protection (ICO)Data Protection Self-Assessment Toolkit (ICO)UK GDPR FAQs for Charities (ICO)ICO helpline for small businesses and charities – 0303 123 1113 (ICO)GDPR essentials for fundraising organisations (IOF)SCVO’s free legal advice service for members – online referralCharities going digital - top 10 Data Privacy Tips (Bates Wells) {{>global_lateral-buttons }}