Use your website to manage your GDPR obligations
- Data must be kept secure. How and where do you keep your data?
- Data must be kept accurate and up to date. How do you make sure your data is up to date?
- Data must not be kept for longer than is necessary. How do you keep tabs on the length of time you have held the data?
- Individuals have the right to see, amend or delete their data. How do you manage requests for this?
In a typical amdram society, your Secretary probably keeps a list of member’s name and addresses on their laptop and prints a copy for any society official who needs it. So far, so good.
But what do those society officials do with those printed lists? Do they securely destroy them once they’ve finished with them? Or do they keep them in case they need them again? If so, you’ve got several copies in circulation, each of which may be out of date.
Using your website to store and manage your data may be a better solution. In most cases, your web host will hold your data on secure servers; you will have a single central record which you can make available to specific society officials when required (they can log in to view it at any time but it shouldn’t be printed); you can set up a system to monitor how long it is since a member last paid their subs and therefore when their data should be deleted; and you can even allow members to login to view (and amend) their own data.
And if your website is built with Joomla (and all ours are), a new, free feature is available to manage any requests to your website to view, amend or delete personal data.
Something to consider?