Skip to main content

Data Protection

Your organisation is bound to be affected by Data Protection.  Get it wrong and you could be in line for a hefty fine and serious reputational damage.  Get it right, and it can boost your relationship with members, donors, clients, supporters and volunteers.

Here's how I can help:

  • Worried about your organisation's Data Protection practices?  I can carry out a quick audit and tell you what needs doing.
  • Policies out of date?  I've drawn up policies for a wide range of situations and can help you do the same.
  • Staff need training?  I make Data Protection lively, interesting and relevant to your particular area of work.
  • Need a helping hand from time to time?  Sign up to my support service and get prompt e-mail and telephone support for a very modest fee.
  • Puzzled about a particular topic?  My series of webinars gives you a cheap and effective way to find out more and ask questions.
  • Looking for a conference speaker?  I've addressed audiences large and small, all over the country.
  • Something not on this list?  If it's to do with Data Protection or any related legislation I can almost certainly help.

Find out more below about Data Protection and Freedom of Information or look at My services.

Information about Data Protection

Most people by now have a fairly good idea of the basics of Data Protection, especially after the publicity that surrounded the introduction of the General Data Protection Regulation in May 2018.

An archive of my series of updates on recent Data Protection developments is available here.  These cover a range of topics, including news items and also in-depth looks at key issues, including cloud computing and the proposed new EU Regulation on Data Protection.

For detailed – and free – information about the law, the best source is usually the Information Commissioner, who is the public official responsible for promoting and enforcing the Data Protection Act throughout the UK.  Look at the section 'for organisations' to the bottom right on the ICO home page, and then at the guide to GDPR.

Freedom of Information

Data Protection and Freedom of Information are often seen as intertwined.  For public authorities this can certainly be the case.  In the interests of open government, a public authority must (subject to a series of exemptions) provide information about its activities to anyone who puts in a request.

However, almost no voluntary organisations or charities – except for some large ones such as museums and universities – are public authorities.  This means that few voluntary organisations are required to respond to requests for information in the same way.

The main exception is where the voluntary organisation is holding information on behalf of a public authority, for example under a contract to deliver services.  In this case, if the authority receives a FoI request they may require the voluntary organisation to provide the authority with the information it needs in order to respond to the request.

It is also worth remembering that when a voluntary organisation tenders for work or applies for a grant from a public authority the supporting information ends up being held by the authority.  Other contenders for the funding may – and increasingly will – ask the authority to release that information.