What You Need To Know About the Changes to Data Protection
Sports clubs and associations holding the personal data (i.e. information that identifies a living individual) about a number of individuals including employees, members, volunteers, athletes, coaches and others. In which case, you will need to be aware of the General Data Protection Regulation (‘GDPR’).
The GDPR has been described by the ICO as a “game changer for everyone” and will require all sports clubs and associations to change the way they think about personal data. It comes into effect on 25th May 2018, and organisations will need to use the lead in time wisely in order to ensure compliance by that deadline.
The headlines in relation to the GDPR have tended to concentrate on the considerable increase in the levels of fines for non-compliance with data protection law, from the current upper limit of £500,000 to €20 million (£18 million) or 4% of annual global turnover (whichever is greater), however, these headlines do not address the practical implications that the GDPR will have for sports clubs and associations.
Due to the incredibly tight timescale for notifying the ICO of a breach, it will be imperative for all sports clubs and associations to have a Data Breach Reporting Procedure in place to deal effectively and efficiently with any personal data breach that occurs.
Achieving compliance by May 2018 may seem like a daunting prospect, and there is certainly a lot to do, however the WSA has created a toolkit for members to utilise to ease this process. With templates and video training, this toolkit will give sports associations in Wales an understanding of the key changes required which, coupled with providing standard policies and procedures for you to use in your organisations, should stand you in good stead come to the May deadline this year. There is also a month-by-month countdown provided by Geldards and links to further information provided by the Information Commissioner’s Office.
To find the members only toolkit and WSA resources, please click here.
To express your interest in attending a GDPR course run by WSA, becoming a WSA member or to find out your existing membership details, please email email@example.com for more information.