it's actually here!
Please take 10 min to read the below as it will affect your work and there are consequences for the Service if we are found to be non compliant (Significant fines which would then impact our budget).
You may have heard about GDPR(General Data Protection Regulation) this is a new regulation that sets out the rights of the individual and establishes the obligations of those processing and those responsible for controlling and holding data. As such, we in the Youth Service must comply as we hold data about the Young People we work with. GDPR covers any data (records, photos, particulars) that we have regarding an individual. In the Club setting this will mostly be things like membership forms, rosters, photos etc).
We have put together a short Do’s and Don’ts to help ensure clubs are GDPR compliant. As GDPR is such a big topic the best advice is to try and minimise the data we hold so that we only have data that is usefuland relevant. Importantly,Your Youth Officer and Area Worker will be available to support you or answer questions should you have them and they will be actively looking into what data your club may have to help with this process. A lot of what is covered are things that you already or should already be doing; but if not here are a few Do’s and Don’ts that will help:
- Keep membership forms, registers and consent forms in a locked secure location. This can be a designated space at Home or In the Club as appropriate.
- Destroy consent forms as soon as possible after a trip/activity.
- Hand in all Membership Forms, Completed Session Log Books and Registers to the Youth Office by end of July each year so that these can be disposed of securely. ( we will remind you of this nearer the time).
- Contact the Youth Office if you believe a data breach (missing data or data getting into the wrong hands) has been made within 48 hours of becoming aware the issue.
- Be able to inform your youth officer of any photos and other documents relating to individuals held in the club (for some of you there will be very little but others may have quite a bit). Your Youth Officer will then work with you to decide what needs to be disposed of and what can be kept.
- Be aware that if you are communicating with Young People or parents/guardians through texts, emails and other digital forms that you should delete these as soon as possible when they are no longer relevant. As a rule of thumb delete after the event/trip/conversation has ended.
- If you have a Facebook page ensure it is a closed group.
- Share information with third parties unless it is in the young person’s interest. If you are unsure contact your Youth Officer.
- Don’t keep any photos or information on individuals for more than one year, this includes social media such as Facebook. You will need to clear the page of all photos and information at the end of each year.
- Use data for any other purpose other than that for which it was collected.
Lastly, we do not want the above guidance to distract you from carrying on with engaging with Young People and providing them with great experiences such as trips etc and so If you are finding the above guidance to be frustrating activity or you are struggling or unsure please do get in touch with your Youth Officer or Area Worker who will be able to help.