Since we have all spent the last 4 years operating under the UK GDPR, a question I am being asked regularly is ‘Do I have to change things again or can we stay as we are?’
It’s a reasonable question, since so many charities invested hugely in order to be able to demonstrate compliance with the UK GDPR.
So, bearing in mind it’s a draft Bill at the moment, we read an encouraging survey from the International Association of Privacy Professions (“IAPP”), where they looked at the key changes in the Data Protection and Digital Information Bill (as published) and concluded that generally:
- None of the proposed changes represent a radical departure from the current law in the EU and the UK
- Some areas have been simplified but the basic rules of UK Data Protection remain the same
It looks like this will mean that wholesales changes are not necessary but we wait to see what the final Bill, and the guidance from ICO, says.
Just 2 caveats here:
- If you use personal data for research purposes and/or automated decision-making, there is some work to so
- Whilst not having to change for the most part, there may be some benefits in doing so in certain situations. We will be advising our clients directly, and running public webinars shortly on this, but the provision for charities (alongside political parties and other campaigning groups) to use ‘soft opt in’ rather than consent for email and SMS direct marketing, is one possible area where a change can help you deliver more impact.
As always, watch out for webinar details in the insight newsletters, and you can also book a free 20-minute insight call at https://zorva.info/free-insight-call/