General Data Protection Regulation

More And More Sectors Waking Up To GDPR

More and more sectors are waking up to the fact that the new European General Data Protection Regulations are on their way and will be implemented in less than 12 months time on May 25 2018.

This week has seen calls for the UK education sector to wake up to the reality that GDPR is around the corner. Speaking to Schoolsweek.co.uk, Mark Orchison, managing director of 9ine Consulting, said schools faced a “significant amount of work” to become compliant.

“Lots of schools currently use IT equipment until it falls over and dies – with GDPR it’s a high-risk approach to continue using equipment that is out of warranty or doesn’t have up-to-date software,” Orchison said.

“If schools used such software they could fall foul of the new stipulation to “ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services”.

Orchison said that in some educational establishments, a designated data protection officer could have to spend up to three days every week on data and GDPR compartments as well as ensuring that out of date IT equipment is replaced. It will also be illegal for schools not to have a formal contract with a chosen data processor that meets minimum industry standards. All of this comes at a time when school budgets are stretched to the limit already.

Charities and GDPR

This week has also seen charities being warned that many are “significantly unprepared” for the new European Union General Data Protection Regulations. In a new survey commissioned by Charity Finance and Fundraising magazines, both published by Civil Society Media, it was found that one fifth of respondents were not sufficiently prepared for GDPR and 77% said that they felt their charity was “somewhat” prepared, with just 9 per cent saying they felt “very” prepared.

The new survey echoes a survey in June that was carried out by the Transform Foundation that found that 93% of charities were unsure whether they would be compliant with GDPR by the May 2018 deadline. Speaking about the worrying statistics, David Melville, chairman of the Transform Foundation, said:

“Complying with the new rules presents a terrific challenge and those charities we spoke to clearly feel they face a race against time to comply by the May 2018 deadline.

“What is especially worrying, given the recent fines levied on some big name charities by the Information Commissioner, is the lack of confidence among small to medium sized charities that they will ready in time.

“There is also a significant risk that putting the required changes and training in place will take far longer than people expect, even after the full scale of the challenge has been realised. This adds to the growing compliance burden already being faced by charities, but it’s encouraging that so many plan to seek expert help before it’s too late.”

Add comment