HIV Scotland has been fined £10,000 after the charity sent out an email containing the personal details of dozens of people. Emails, bcc and breaches – the latest fine, and what to learn Like buses, we have the second …
Category Archives: Charities: ICO
5 Tips for Incident Management
Categories: Accuracy, Breach, Brexit, Charities, Charities: ICO, Consent, Data Protection Act 2018, Data Sharing, DFE, Fines, Fundraising, GDPR, Guidance, ICO, Public Information, Security, Transparency, UncategorizedThis article is not a guide about how to handle a notifiable breach. By now, you’re all familiar with the ICO Guidance on that. This piece is about the day to day handling of incidents based on over a decade …
We all know about PECR, right?
Categories: Accuracy, Breach, Charities, Charities: ICO, Consent, Data Protection Act 2018, Data Sharing, Events, Fines, Fundraising, GDPR, ICO, Security, TransparencyAt the Protecture seminar on e-Privacy at the end of November, Rowenna Fielding reminded us that PECR is about more than just consent for electronic direct marketing. I don’t think that Rowenna meant to alarm anyone, just a gentle poke …
Launch of the IRMS Third Sector Retention and Disposal Toolkit
Categories: Accuracy, Breach, Charities, Charities: ICO, Consent, Data Protection Act 2018, Data Sharing, Events, Fundraising, GDPR, Guidance, ICO, Security, TransparencyThe Information and Records Management Society (IRMS) and Protecture were delighted to formally launch the IRMS Third Sector Retention and Disposal Toolkit and Schedule at an event in Central London last week. Attendees from a number of charities, not-for-profits and …
Equifax – 12 lessons to learn
Categories: Accuracy, Breach, Brexit, Charities, Charities: ICO, Consent, Data Protection Act 2018, Data Sharing, DFE, Fines, Fundraising, GDPR, Guidance, ICO, Public Information, Security, TransparencyAs the Data Protection Act 1998 (DPA98) comes to an end, we have a first! The first maximum fine under the old law was issued in September to Equifax Ltd. If you’ve heard any of the Data Protection Leads here …
Trust, Transparency and Data Protection
Categories: Charities, Charities: ICO, Data Protection Act 2018, Fundraising, GDPR, TransparencyCharities rely on personal data more than ever before, whether they are processing a donation, running a fundraising event, or providing services. Supporters and service users must give their personal data to you; in some cases, such as prospect research, …
Cookie D’oh!
Categories: Breach, Brexit, Charities, Charities: ICO, Consent, Data Protection Act 2018, Data Sharing, Fines, Fundraising, GDPR, ICO, Public Information, Security, TransparencyWith the news that the changes to ePrivacy law have now been delayed until 2020, now is a good time to evaluate whether your organisation’s practices are already in line with existing electronic privacy law. The ePrivacy Regulation is likely …
Who’s in Control?
Categories: Charities, Charities: ICO, Data Sharing, Fundraising, GDPR, ICOOne of the key aspects of data protection law is the concept of Data Controllers and Data Processors. In advance of the GDPR enforcement date (25th May), many organisations are seeking to review, update and amend their agreements with suppliers …
£130,000 fine for being unfair
Categories: Charities, Charities: ICO, ICOPharmacy2U provides a number of online medical services (electronic prescriptions; online confidential medical advice and retail for medical products). To access these services, individuals have to provide personal information including their contact details, sex and date of birth. Pharmacy2U is …
Charities on ICO radar – 32 charities visited
Categories: Charities, Charities: ICO, ICOThe Information Commissioner’s Office (ICO) occupies two roles: alongside their powers to enforce compliance and fine organisations for serious breaches of data protection (their ‘stick’ role) they offer informal visits to review how organisations are handling personal information and publish …