Need help with GDPR? Pick what would help the most.

As part of the Jersey Business GDPR workshops we will explain GDPR and offer a practical outcome in the form of a worked example for your business. Which of the following would be most useful to your organisation?

A worked example of…

1.       A Privacy Notice

2.       A Subject Access Process, Flowchart and Form

3.       A Breach Notification Process, Flowchart and Form

4.       A Data Sharing Agreement (for sharing data between two controllers)

5.       A Controller/Processor Agreement (for outsourcing data processing)

6.       A due diligence checklist, to help you ensure suppliers compliance

7.       A Data Processing Impact Assessment, to help you understand the risks and measures

The next Jersey Business GDPR workshops will be in November and December and due to their success we are planning well into 2019 too.

Some reflections from a great event and thoughts on the future for Jersey’s Charities

BUILDING A FOUNDATION WORKSHOP, THAT TOOK PLACE AT ST. PAUL’S CENTRE ON WEDNESDAY 26 SEPTEMBER

This was a great event, but it highlighted to be the need to address many of the issues that made this workshop necessary. This is about the co-ordination of the sector and the necessary support and guidance for the sector as a whole.

I believe the Charites Community should have a strong voice, and have a representative person or body to campion their interests, and I don’t think this person should be someone from government.

I believe we needs someone (or a team) with the capacity, drive and desire to be leading in this area to work with government and the charities commissioner to ensure the sectors needs are understood and met.

I fear that at least 20% plus will fail the charities test. This means that circa 100 charities, 220 people and £16m will be “homeless” because they no longer are able to raise money, receive states funding or call themselves a charity.  This should be a concern for the charity community, and worthy of a spokesperson.

Of those that do pass the charities test, how many are ready and able to comply with the legal demands of GDPR and States requirement for CE (Cyber Essentials) Certification. Noting that these are ostensibly a pre-requisite for States funding. This should also be a concern for the charity community, and worthy of a spokesperson.

If you don’t think this is an issue I’ll point out that the OIC Office of Information Commissioner (the GDPR regulator) has asked for a list of Jersey Charities and may be using this in the run-up to Christmas to see who is naughty or nice!

There was a lot of discussion about systems and data at the event.

There is no reason why we should not be able to provide a cyber-safe and GDPR compliant platform for all charities. Or the type of technology platform that could transform the flow of resources to the areas of need.

As regards the idea of a single portal for grants donations (putting money in) and applications (taking money out), this should be based on open-data and providing a seamless flow of funds, performance data, and other key metrics which benefit transparency, accountability and targeting of needs and resources.

The Building A Foundation Workshop was a great event and the people who organised it should be congratulated. However the real challenges and opportunities are ahead and for those that don’t achieve charitable recognition by the end of the year the time may be very short.