Share

Lawyer warns charities about 'toughening' of EU data protection rules

BWB lawyer Mairead O’Reilly
News

Lawyer warns charities about 'toughening' of EU data protection rules

IT | Kirsty Weakley | 17 Apr 2012

European Commission draft data protection regulation, which would require organisations to report data security breaches to the Information Commissioners Office within 24 hours “would be excessively burdensome” for charities, according to BWB lawyer Mairead O’Reilly.

In January the Commission published the draft regulation which would see local laws, including the Data Protection Act in the UK, replaced with one EU-wide law.

Under the proposals all organisations, including charities, with more than 250 people would have to appoint a dedicated data protection officer, and be required to carry out an impact assessment before undertaking any process that presents a privacy risk.

Financial penalties for non-compliance are also set to increase if the new proposals are adopted. The new upper limit for fines would be €1m (approximately £825,000) or 2 per cent of annual turnover. In the UK the highest fine the ICO can impose is currently £500,000.

O’Reilly added: “The regulation represents a significant toughening of data protection in Europe.”

Before the draft regulation can be passed into European law it needs to be approved by the 27 EU member states and then ratified by the European Parliament. This process will take about two years.

“Although it is likely to be some time before the new regime is implemented,” said O’Reilly, “charities should be engaging with the proposed changes and ensuring that data protection is properly factored in to their business planning and compliance.”

In March 2012 Enable Scotland was found to have breached the Data Protection Act following the theft of unencrypted memory sticks, and although the ICO did not deem the breach serious enough to warrant a fine, chief executive Peter Scott was forced to sign an undertaking promising to improve performance.

Positives

Having one data protection law across Europe does have its advantages though, according to O’Reilly: "It will mean that when sharing data with their partner organisations or implementing organisation-wide data protection practises, charities won’t need to check that they are complying with local data protection laws,” she said.

 

Comments

[Cancel] | Reply to:

Close »

Community Standards

The civilsociety.co.uk community and comments board is intended as a platform for informed and civilised debate.

We hope to encourage a broad range of views, however, there are standards that we expect commentators to uphold. We reserve the right to delete or amend any comments that do not adhere to these standards.

We welcome:

  • Robust but respectful debate
  • Strongly held opinions
  • Intelligent relevant discussion
  • The sharing of relevant experiences
  • New participants

We will not publish:

  • Rude, threatening, offensive, obscene or abusive language, or links to such material
  • Links to commercial organisations or spam postings. The comments board is not an advertising platform
  • The posting of contact details for yourself or others
  • Comments intended for malicious purpose or mindless abuse
  • Comments purporting to be from another person or organisation under false pretences
  • Gratuitous criticism, commentary or self-promotion
  • Any material which breaches copyright or privacy laws, or could be considered libellous
  • The use of the comments board for the pursuit or extension of personal disputes

Be aware:

  • Views expressed on the comments board are left at users’ discretion and are in no way views held or supported by Civil Society Media
  • Comments left by others may not be accurate, do not rely on them as fact
  • You may be misunderstood - sarcasm and humour can easily be taken out of context, try to be clear

Please:

  • Enjoy the opportunity to express your opinion and respect the right of others to express theirs
  • Confine your remarks to issues rather than personalities

Together we can keep our community a polite, respectful and intelligent platform for discussion.

Free eNews

BeatBullying lost out on major funding sources in 2013

30 Oct 2014

The BeatBullying Group lost out on major sources of funding in 2013, exacerbating its cashflow problems,...

St Mungo's staff plan new ten-day strike

30 Oct 2014

Staff at St Mungo’s are planning to strike again for ten days from next Wednesday in further protest...

Commercial auditor joins Charity Commission board

30 Oct 2014

The Charity Commission has appointed an experienced commercial auditor to replace former board member...

Contactless micro-donation scheme Penny for London 'could raise £5.5m'

29 Oct 2014

A micro-donation scheme launched today will allow commuters to donate up to 10p to charity each time they...

CoppaFeel! says partnership with The Sun was a success

28 Oct 2014

CoppaFeel! has said that a controversial partnership with Page Three of The Sun was a success, having...

FRSB upholds complaint against Save the Children's Liberia Capital Appeal

28 Oct 2014

The Fundraising Standards Board has ruled that a direct mail campaign and website for Save the Children’s...

St Mungo's staff plan new ten-day strike

30 Oct 2014

Staff at St Mungo’s are planning to strike again for ten days from next Wednesday in further protest...

Acevo announces Lord Low is chairing a commission on sector regulation

30 Oct 2014

The chief executives body Acevo has set up a commission on sector regulation that will assess whether...

Independent press regulation body not charitable, Commission rules

30 Oct 2014

An organisation set up to fund an independent press regulator cannot be registered as charitable, the...

Join the discussion

Twitter button

@CivilSocietyIT