This website uses cookies to store information on your computer. Some of these cookies are used for visitor analysis, others are essential to making our site function properly and improve the user experience. By using this site, you consent to the placement of these cookies. Click Accept to consent and dismiss this message or Deny to leave this website. Read our Privacy Statement for more.
Print Page | Contact Us | Sign In | Join
News: Associations News

The world does not revolve around GDPR but get it wrong and it could cost you millions!

05 June 2017   (0 Comments)
Posted by: Olivia Palmer
Share |

New data protection laws affecting UK organisations come into effect in May 2018. Complying with the new General Data Protection Regulation (GDPR) regime, which gives individuals the right to control data and protection, will mean associations having to review their existing data protection policies.

Louise Clarke talked to Kitty Rosser, Intellectual Property Associate with the law firm Birketts. Kitty stressed that failing to comply with the new law puts organisations at risk of fines of up to €20 million. Individuals affected by the misuse of data will also be able to claim compensation for damage, distress and hurt feelings under the new regulations.

As previously, the new data regulations apply to personal data such as HR records, customer lists, or contact details. However, the GDPR definition also includes online identifiers such as an Internet Protocol address as personal data reflecting changes in technology. 

“The focus of the updated laws is on accountability and transparency,” explains Kitty. “Organisations will have to be proactive and find out how the laws apply to them. There will be new record keeping procedures and policies controlling what they do with data. Many larger organisations will have to appoint a qualified data protection officer.

“Existing data protection laws are over 20 years’ old, pre-dating Google and Facebook and didn’t anticipate how technology would develop and that data would be collected and analysed in such large volumes. The new data protection framework is designed to be technologically neutral and deal with the reality of Big Data and the Internet of Things.”

The Government has confirmed that the UK’s decision to leave the EU will not affect the introduction of GDPR.  The UK will probably also adopt this law post Brexit as in order for Britain to continue to provide goods and services to the EU it will have to comply with EU data protection regulations. 

Birketts has been running a series of seminars across the UK for the Institute of Fundraising focusing on the changes which will be introduced by GDPR.

For further guidance we recommend reading Rob Luke’s keynote speech ‘Will GDPR Change the World’ here.

If you would like to join our webinar on GDPR, on 10 July at 1pm (live from the Engage2017 conference) email

Become a member of the AAE and gain access to educational resources, and benefits including eLearning, Success Stories, and Association Insights

Become a Member Today

The Association of Association Executives is a service from The Networking Organisation Ltd
6 Claremont Road, Surbiton, Greater London, KT6 4QU, United Kingdom  |  Tel +44 (0) 20 8004 6300