Confidentiality and security of data is already at the heart of SARSAS’ work; it is a core value, essential for building trust and confidence in the organisation and the services we offer. The introduction of the new General Data Protection Regulations (GDPR) is an opportunity to further develop our systems and procedures, designing better ways of gathering and storing data and keep the individual and their right to privacy at the centre of everything we do.
Here are some of the steps we are taking to improve our service and become GDPR compliant when the regulations go live on 25 May 2018:
- Training and networking to share ideas and best practice
- Auditing data we currently hold, why we hold it, where we hold it, deleting if necessary
- Designing new ways of gathering and storing data that prioritise an individual’s right to privacy and ownership of their data.
- Reviewing and updating relevant policies.
- Ensuring we are ethical and transparent when requesting data, communicating clearly.
- Improving security of data including cyber security.
If you have any questions or feedback on this process, please contact us firstname.lastname@example.org