As of 25th May 2018 organisations will be required to meet the GDPR regulations, in capturing and processing data, particularly in regard to communications. It is important to realise that this is the date from which fines for breach of the regulations will begin. The regulations have actually been in force since May 2016. The GDPR relates to personal and sensitive data collected and used by organisations. Each organisation is responsible for making sure that the data protection principles for processing are met -: lawful, transparent, legitimate purpose collection, accurate, identifiable to the data subject and secure whilst also keeping in mind the individuals’ rights.
The GDPR focuses on the following rights of the individual:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling.
The current version of alms.NET - Horizon already has functionality to support the key requirements of the GDPR and we are developing alms.NET further to incorporate any remaining requirements.
The question for organisations is, what changes need to be implemented in the way data is processed, and in how communications are carried out in order to be compliant with the new legislation? alms.NET provides the tools to manage consent, rectify incorrect data and so on, however this needs to be understood, and supported by the information given to supporters.
We will be going into more detail on how alms.NET can assist in this process over the coming weeks. The best way to keep up to date with what is happening in this area is to follow us on Twitter @westwoodforster. We will be posting all these updates on Twitter as well as re-tweeting relevant information from the ICO and IOF.
Some useful links providing information on the GDPR