Data Protection Managing risk is not just about health and safety and insurance. It’s about data protection too. New stricter data protection legislation is mandatory from May 25th 2018 RLSS UK will be issuing branches and clubs with data protection advice and guidance during Q1 2018 Your club has a responsibility to protect any personal information it holds. Managing risk is not just about health and safety and insurance. It’s about data protection too. New stricter data protection legislation is mandatory from May 25th 2018 (known as the ‘General Data Protection Legislation’ or ‘GDPR’). RLSS UK are reviewing data protection policies and procedures to ensure RLSS UK meet GDPR requirements ahead of May 2018. As part of this, RLSS UK will be issuing branches and clubs with data protection advice and guidance during Q1 2018. As a club you need to understand how the Data Protection Act affects your club and what your obligations are. It is the law and non-compliance can lead to complaints being made to the Information Commissioners Office (ICO). Your club has a responsibility to protect any personal information it holds.
Data Protection – Top Tips Accountability Check what data you need! Nominate somebody in the Club to lead on Data Protection Only use club personal data for legitimate club purposes Up-to-date Password protect Using up-to-date operating systems and anti-virus suites Protect files contain data with regularly changed passwords Group E-mails CLUB DATA PROTECTION POLICY AND PROCEDURES RLSS UK will be issuing branches and clubs with data protection advice and guidance during Q1 2018. Look out for these! ACCOUNTABILITY Nominate somebody in the Club to lead on Data Protection (for example, the Club Chair). SECURITY Make sure your club is holding personal data securely (locked away, password protected). Change passwords regularly on computers/ devices, password protect documents and only use memory sticks if encrypted. Reduce the chance of hacking by using a computer with an operating system that is officially supported (with regular updates, patches and hotfixes) and that has an up-to-date reputable anti-virus suite. If the computer being used to hold club personal data is used by others (for example, family members), set up a dedicated account for club purposes with a separate password. LEGITIMATE PURPOSES Start thinking about the personal data you club holds, for what purpose your club uses this personal data and who your club shares this personal data with. Only use club personal data for legitimate club purposes. SENDING GROUP EMAILS If you are sending an email to club members, do not include all their address in the To: field. To ensure anonymity, put your own email address in the To: field and put all members’ email addresses in the Bcc: field (blind copy). ASK FOR HELP If you have any data protection concerns, email info@rlss.org.uk (we’re here to help). RLSS UK will be issuing data protection advice and guidance during 2018 Put all members’ email addresses in the Bcc: field (blind copy) If you have any data protection concerns, email info@rlss.org.uk