Charities and NFP - Turn GDPR to your advantage by focusing on three key things...
Posted on Nov 03, 2017
GDPR isn’t something that can be ignored but neither is it something that can’t be dealt with. Don’t see it as a problem or an issue but as an opportunity to improve and change your processes.
Register for access
To access the download please complete the form below. After registration you will be able to access other site downloads.
GDPR will have a big impact on the people, processes and technologies across your organisation but you can turn it to your advantage by focusiing on three key things:
- People - Look at what your own people are doing. Are they following internal guidelines and rules on data storage (do you even have any in house rules)? Make sure staff (permanent, temporary and volunteers) understand the dangers of using ad-hoc storage or file sharing solutions that are not managed by the organisation.
- Technology - Review your core software solutions. Are you upto date with all of the upgrades and updates? If not you, and your data, could be at risk. Software vendors do a lot more with updates than just fancy new features. A lot of the time work is being done ‘under the bonnet’ to ensure the most up to date security is applied to their own software and your databases. Also be aware of the ‘knock on’ effect of one piece of software being on an older version, does this impact your core operating system or server software? Maybe your old version finance software means you have to use an older version of Excel? If so you and your data could be at risk. Always be on the current version of any software you have - always!
If you are using server based software, is the server safe? not only from physical theft but also the threats you have from your own staff unwittingly allowing access through email malware or malicious downloads, password sharing (or saving).
- Process - Do you know what information you have about people on your systems, and more importantly do you know who can access that information and who can make changes? We are used to having financial audits, but do you ever audit the actual data and keep of track of who is changing what (and why)?
Here you can see our most recent resources, select items of interest using the categories below.