New laws governing data management processes and use (the General Data Protection Regulation 2016), for example, threaten fines of up to 20m Euros or 4% of worldwide income for serious breaches. Please see our guide to GDPR for more information.
So how can charities best prepare for the new GDPR rules?
At Wellers, we have designed a practical approach to this issue. We offer a data audit, designed to provide a full legal assessment of your charity's position, helping you to control the risks for your organisation. This process assesses both day-to-day and longer-term risks and includes an examination of:
- The different types of data you hold
- What happens to that data in your organisation
- Where the biggest risks for non-compliance are
- How to achieve compliance in a way that is appropriate, proportionate and cost-effective for your organisation
Once we assess the extent to which you comply with the rules, we deliver a user-friendly report identifying what you need to do against a clear Red/Amber/Green warning system.
This approach enables you to spot the most urgent corrective action you need to take to minimise the risk of serious breaches by your organisation. It also highlights other steps you ought to take so that systems and controls can be put in place to reduce the risk of serious failures.
Wider governance services
Our charity legal audit ‘Law Plus’ seeks to review the main areas of a charity’s activity and identify areas where the charity is at risk or remedial action needs to be taken.
With case law developing rapidly in areas such as employment, sexual orientation, risk management and financial accounting, a Law Plus charity audit is considered essential by many trustee boards, as ultimately the trustees are responsible for what goes on in an organisation in which they have little or no day-to-day input.