I’ve had a few conversations with third sector organisations recently about preparing for the GDPR coming into force in May next year. Some of the responses I’ve been getting are a little concerning given the nature of the work that some of them do and the increasing reliance on donations and marketing to bring vital funds into the organisations.


While it’s true that the majority of focus has been on commercial organisations, the ICO have made it very clear that charities and charitable organisations will not be exempt from their obligations under the new regulation. This message, coupled with some high-profile fines handed out to major charities, should be hitting home. But it doesn’t seem to be…


A recent Charity Commission report found that public trust and confidence in charities is at its lowest level since 2005 – due in part to collapses of charities like Kids Company.


However, the same report around ten percent of people cited effective management to be a major factor in trusting an organisation. This allows charities and other 3rd sector operations to raise their level of public confidence by introducing effective data protection policies and becoming compliant with legislation.


By embracing the new legislation charities are sending an effective message to their current and potential supporters – you can trust us. This is something worth shouting about.


Some of the messages I’ve been getting about why charities are not moving forward with updating (or in some cases even having any) data protection policies and processes:


“It isn’t clear yet, how much of [the GDPR] we’ll need to implement”

“The ICO haven’t informed us whether it will become law”

“It depends on how big you are as to how much you will need to do”


With charities being less able and mature in their use of digital technologies, the GDPR is likely to present a bigger challenge compared with more advanced commercial sectors. That’s not to say it will be overly difficult to achieve compliance or be any more onerous. But one thing is very clear – the third sector need to get on with it.


If you would like to find out more about how I can help you on your way to GDPR compliance and all the benefits this will bring you, then please get in touch.