A survey carried out by specialist charity insurer and Alliance sponsor, Ecclesiastical, revealed that while awareness of the new data protection regulation is almost universal among charities with a turnover over £1.5m – only 4% are unaware of the forthcoming changes – that figure stands at 36% for charities with a turnover of less than £500,000. A quarter (24%) of mid-size charities are unaware of GDPR.
Among wide ranging changes to data protection legislation that cover how personal data is processed, the GDPR introduces a duty on all organisations to report certain data breaches. When enforcement of the GDPR starts on 25 May, not only could charities face major fines for data breaches, they will be required to notify the Information Commissioners Office (ICO) within 72 hours following a breach that puts personal data at risk. They will also need to notify individuals, including potentially donors and service users, if there is a high-risk breach.
Blackbaud a cloud software company, has summarised the 8 key impacts of GDPR on non-profits organisations. GPDR comes into force in May 2018, so non-profit organisations need to make sure they’re ready to meet the strengthened rights of their supporters, donors and volunteers.