Share

Lawyer warns charities about 'toughening' of EU data protection rules

BWB lawyer Mairead O’Reilly
News

Lawyer warns charities about 'toughening' of EU data protection rules

IT | Kirsty Weakley | 17 Apr 2012

European Commission draft data protection regulation, which would require organisations to report data security breaches to the Information Commissioners Office within 24 hours “would be excessively burdensome” for charities, according to BWB lawyer Mairead O’Reilly.

In January the Commission published the draft regulation which would see local laws, including the Data Protection Act in the UK, replaced with one EU-wide law.

Under the proposals all organisations, including charities, with more than 250 people would have to appoint a dedicated data protection officer, and be required to carry out an impact assessment before undertaking any process that presents a privacy risk.

Financial penalties for non-compliance are also set to increase if the new proposals are adopted. The new upper limit for fines would be €1m (approximately £825,000) or 2 per cent of annual turnover. In the UK the highest fine the ICO can impose is currently £500,000.

O’Reilly added: “The regulation represents a significant toughening of data protection in Europe.”

Before the draft regulation can be passed into European law it needs to be approved by the 27 EU member states and then ratified by the European Parliament. This process will take about two years.

“Although it is likely to be some time before the new regime is implemented,” said O’Reilly, “charities should be engaging with the proposed changes and ensuring that data protection is properly factored in to their business planning and compliance.”

In March 2012 Enable Scotland was found to have breached the Data Protection Act following the theft of unencrypted memory sticks, and although the ICO did not deem the breach serious enough to warrant a fine, chief executive Peter Scott was forced to sign an undertaking promising to improve performance.

Positives

Having one data protection law across Europe does have its advantages though, according to O’Reilly: "It will mean that when sharing data with their partner organisations or implementing organisation-wide data protection practises, charities won’t need to check that they are complying with local data protection laws,” she said.

 

Comments

[Cancel] | Reply to:

Close »

Community Standards

The civilsociety.co.uk community and comments board is intended as a platform for informed and civilised debate.

We hope to encourage a broad range of views, however, there are standards that we expect commentators to uphold. We reserve the right to delete or amend any comments that do not adhere to these standards.

We welcome:

  • Robust but respectful debate
  • Strongly held opinions
  • Intelligent relevant discussion
  • The sharing of relevant experiences
  • New participants

We will not publish:

  • Rude, threatening, offensive, obscene or abusive language, or links to such material
  • Links to commercial organisations or spam postings. The comments board is not an advertising platform
  • The posting of contact details for yourself or others
  • Comments intended for malicious purpose or mindless abuse
  • Comments purporting to be from another person or organisation under false pretences
  • Gratuitous criticism, commentary or self-promotion
  • Any material which breaches copyright or privacy laws, or could be considered libellous
  • The use of the comments board for the pursuit or extension of personal disputes

Be aware:

  • Views expressed on the comments board are left at users’ discretion and are in no way views held or supported by Civil Society Media
  • Comments left by others may not be accurate, do not rely on them as fact
  • You may be misunderstood - sarcasm and humour can easily be taken out of context, try to be clear

Please:

  • Enjoy the opportunity to express your opinion and respect the right of others to express theirs
  • Confine your remarks to issues rather than personalities

Together we can keep our community a polite, respectful and intelligent platform for discussion.

Free eNews

Northern Rock Foundation says closure 'inevitable'

22 Apr 2014

The Northern Rock Foundation will close after it failed to reach a funding agreement with Virgin Money,...

HMRC doubles scrutiny of charity gift aid claims following Cup Trust

22 Apr 2014

HM Revenue & Customs more than doubled the number of investigations into claims for gift aid in the...

DFID announces UK's first development impact bond

17 Apr 2014

The UK is to launch the first development impact bond - an international version of the social impact...

HMRC doubles scrutiny of charity gift aid claims following Cup Trust

22 Apr 2014

HM Revenue & Customs more than doubled the number of investigations into claims for gift aid in the...

Donations to foodbank appeal surge after critical Mail article

22 Apr 2014

The Trussell Trust’s Easter Appeal raised more than £50,000 in two days after a backlash on social...

2014 London Marathon on track to beat the £53m raised last year

18 Apr 2014

The 2014 London Marathon is on track to raise more than £53m for good causes and break the Guinness World...

Shawcross terror warning in national press

22 Apr 2014

Terrorist abuse of charities is “potentially the most deadly” problem the Charity Commission faces,...

Husband and wife jailed for three years for charity theft

22 Apr 2014

The former chair of Lincoln and District Mencap and his wife have both been jailed for fraud and theft...

Paula Sussex to be the next Charity Commission chief executive

17 Apr 2014

Paula Sussex, senior vice president, public sector of CGI, has been appointed the new chief executive...

Join the discussion

Twitter button

@CivilSocietyIT