Share

Lawyer warns charities about 'toughening' of EU data protection rules

BWB lawyer Mairead O’Reilly
News

Lawyer warns charities about 'toughening' of EU data protection rules

IT | Kirsty Weakley | 17 Apr 2012

European Commission draft data protection regulation, which would require organisations to report data security breaches to the Information Commissioners Office within 24 hours “would be excessively burdensome” for charities, according to BWB lawyer Mairead O’Reilly.

In January the Commission published the draft regulation which would see local laws, including the Data Protection Act in the UK, replaced with one EU-wide law.

Under the proposals all organisations, including charities, with more than 250 people would have to appoint a dedicated data protection officer, and be required to carry out an impact assessment before undertaking any process that presents a privacy risk.

Financial penalties for non-compliance are also set to increase if the new proposals are adopted. The new upper limit for fines would be €1m (approximately £825,000) or 2 per cent of annual turnover. In the UK the highest fine the ICO can impose is currently £500,000.

O’Reilly added: “The regulation represents a significant toughening of data protection in Europe.”

Before the draft regulation can be passed into European law it needs to be approved by the 27 EU member states and then ratified by the European Parliament. This process will take about two years.

“Although it is likely to be some time before the new regime is implemented,” said O’Reilly, “charities should be engaging with the proposed changes and ensuring that data protection is properly factored in to their business planning and compliance.”

In March 2012 Enable Scotland was found to have breached the Data Protection Act following the theft of unencrypted memory sticks, and although the ICO did not deem the breach serious enough to warrant a fine, chief executive Peter Scott was forced to sign an undertaking promising to improve performance.

Positives

Having one data protection law across Europe does have its advantages though, according to O’Reilly: "It will mean that when sharing data with their partner organisations or implementing organisation-wide data protection practises, charities won’t need to check that they are complying with local data protection laws,” she said.

 

Comments

[Cancel] | Reply to:

Close »

Community Standards

The civilsociety.co.uk community and comments board is intended as a platform for informed and civilised debate.

We hope to encourage a broad range of views, however, there are standards that we expect commentators to uphold. We reserve the right to delete or amend any comments that do not adhere to these standards.

We welcome:

  • Robust but respectful debate
  • Strongly held opinions
  • Intelligent relevant discussion
  • The sharing of relevant experiences
  • New participants

We will not publish:

  • Rude, threatening, offensive, obscene or abusive language, or links to such material
  • Links to commercial organisations or spam postings. The comments board is not an advertising platform
  • The posting of contact details for yourself or others
  • Comments intended for malicious purpose or mindless abuse
  • Comments purporting to be from another person or organisation under false pretences
  • Gratuitous criticism, commentary or self-promotion
  • Any material which breaches copyright or privacy laws, or could be considered libellous
  • The use of the comments board for the pursuit or extension of personal disputes

Be aware:

  • Views expressed on the comments board are left at users’ discretion and are in no way views held or supported by Civil Society Media
  • Comments left by others may not be accurate, do not rely on them as fact
  • You may be misunderstood - sarcasm and humour can easily be taken out of context, try to be clear

Please:

  • Enjoy the opportunity to express your opinion and respect the right of others to express theirs
  • Confine your remarks to issues rather than personalities

Together we can keep our community a polite, respectful and intelligent platform for discussion.

Free eNews

CAN and Senscot part ways with UnLtd over its vision for a 'private-profit social sector'

18 Sep 2014

Social enterprise support organisations CAN and Senscot have ended their relationship with UnLtd, set...

Governance code 'no longer fit' for large charities, says CFG trustee

17 Sep 2014

The sector’s code of good governance is no longer fit for purpose for large and complex charities and...

Ring-fencing public service contracts for charities is a bad idea, NPC tells Labour

16 Sep 2014

NPC has warned that introducing charity-only contracts is the “wrong approach to take”, in its response...

Fundraisers too bound up by red tape, says Unicef fundraising director

18 Sep 2014

Fundraisers are too bound up by red tape which prevents them from innovating, an audience of senior fundraisers...

Charities should be 'critical friends' to their corporate partners

17 Sep 2014

Charities should approach corporate partnerships as “critical friends” if they are going to change...

Teenage Cancer Trust reveals £5m Stephen Sutton legacy

16 Sep 2014

Teenage Cancer Trust has announced it intends to spend the £5m raised by Stephen Sutton to fund new specialist...

Some charity leaders see themselves as ‘employees of government’

18 Sep 2014

Voluntary bodies and the state have become so intertwined that some charity leaders whose organisations...

Charity Commission launches inquiry into Worldwide Ummah Aid

18 Sep 2014

The Charity Commission has opened a statutory inquiry into Worldwide Ummah Aid after concerns that a trustee...

CAN and Senscot part ways with UnLtd over its vision for a 'private-profit social sector'

18 Sep 2014

Social enterprise support organisations CAN and Senscot have ended their relationship with UnLtd, set...

Join the discussion

Twitter button

@CivilSocietyIT