GDPR or GDP-aarghhhhh?!

With one week to go, no doubt every organisation and business in the land has been uttering those 4 little letters repeatedly – G.D.P.R.

I understand why the introduction of this Data Protection Act reform has come about. Clearly, for too long, we as individuals have been at the mercy of marketers, ‘influencers’ (ahem, the words Cambridge Analytica spring to mind) and scammers – but, obviously its impact reaches further than that. No doubt this has been the biggest shake up for 20 years and there are some fundamental changes afoot.

I know members have been grappling with this in terms of what it means for them and the data they hold about the people they support – looking at their own systems, updating their existing policies, staff training and understanding of their responsibilities, informing the people who access their services and so on. And there has been lots of work associated with it – with lots of guidance issued from the ICO, reviews of paperwork and processes internally and externally and plenty of consultants making a pretty penny too.

There is some useful, free, information in terms of information governance on the Care Provider Alliance website too under Data Protection and Security Toolkit, designed by – CPA and NHS Digital. The resources on there include; Data privacy notice templates, processing logs, e-learning for staff on data protection – check it out!

There has also been some online easy read information produced setting out people’s rights about their personal information, to help the people you support understand how organisations keep their information.

No doubt your inboxes have been busy over the last few weeks too as organisations are contacting people to ask for consent to continue to be in touch. We have been reviewing our contacts and have sent out such an email too, to those who will need to ‘opt-in’ to continue to receive this newsletter and information about ARC products and services. If you have received such an email, we’d be grateful if you could action it – we would hate to lose touch with you. For those of you who haven’t received an ‘opt in’ request from us it means you do not need to and we will contact you as normal. Of course, you still have the option to unsubscribe at any time.

I think it is fair (and realistic) to say that work will be continuing towards compliance past 25th May 2018 for many businesses, organisations and charities but, that date marks a date in history for us all, the start of a new era, new risks and responsibilities, and rights for us as data subjects – and for many a great opportunity to have a good data clean-up and cleanse.

Kind regards
Lisa Lenton
ARC England Director