On 5th December we held the final Tech for Good Bath meetup of 2017.  As we stand on the frontier of 2018 we thought we’d harness the energy and expertise of our Tech for Good Bath network to talk proactively about data protection and the importance of preparing for GDPR.

We believe this is a topic we should all care about because fundamentally it’s about us.  It’s about our data and it’s about how we are treated by companies we spend time and money on.  We’re delighted that one of our Tech for Good Bath members has also shared their experience of attending our event on our guest blog here: Empowered to embrace GDPR

Our speakers for the evening came from diverse backgrounds, here’s a snapshot of their advice and tips to enter 2018 ready for GDPR and the opportunities it brings:

William Heath

William is a former Open Rights group chair, who co-founded Ctrl-Shift and MyDex CIC. He is committed to helping see that individuals regain control over their personal data

William is an advocate for a citizen centric approach to data management.  This revolves around empowering citizens and communities to take the lead in solutions for data management and decision making.  This would be a big shift in the way we understand and build local capacity to develop ownership of personal data to champion the benefits for citizens and communities themselves.  William called for a different and revolutionary approach to data protection.  He highlighted that currently the law and associated requirements are difficult to access due to the legal language and hopes that a more citizen centric approach would create broader understanding and more innovative approaches.

Graeme FaeronThrings legal advisory firm

The message is simple, protect people’s data it’s your responsibility.  Ask yourself if you would like your data to be protected in the way you’ve set your systems up, if the answer is ‘yes’ then you’re probably on the right track.  The legislation is still evolving, so think of it as a maths equation – show your working and if you can demonstrate you’ve taken measures towards GDPR preparedness you’ll be heading in the right direction.

Build trust with your customers and beneficiaries by showing them you know how to respect their data rights.  Most of all, treat GDPR as a chance to get your house in order so you know what data you’re storing and crucially why you store it.

Karen Watson and SimonWood for Trees

Preparing for GDPR is a good way to understand your business more widely so take the time to understand your landscape.  Start with your data subjects, who are they and how are they connected to your business, identify the role they play whether it be fundraiser, volunteer or advocate.

Look at how your data travels through your organisation, who handles it, who tracks and records it?  Your teams will need training so identify way to build their capacity and bring them on the GDPR readiness journey.

Tell your clients very clearly what you intend to do with their data, be transparent and creative to get your message across.

Tim KilleenCompleteIT

If you have a data breach you’ll have 72 hours to report it, it will no longer be acceptable to try to cover up or keep quiet about a breach.  Take steps to mitigate data breaches by:

  • Understanding how your third party suppliers are handing data to make sure they are compliant and that you have updated your contracts with them accordingly
  • Ensure you have an effective firewall device
  • Consider the cyber essentials standard
  • Make sure your antivirus software is up to date

Sunny SeregenSt Johns Foundation

Speaking from first hand experience from working within St John’s Foundation to prepare the organisation for GDPR Sunny shared the following valuable top tips:

  1. Break down the ICO 12 steps to GDPR preparedness and create a plan for May 2018.
  2. Sell yourself as a facilitator not a magician you can’t do everything. Be transparent, realistic and ensure everyone knows their responsibilities so you can report breaches properly.
  3. Learn to love GDPR! We should value the privileges and the enhanced rights for the individuals, so let’s embrace it!