Data Protection - Guidance for Churches and Circuits
The District’s Data Protection Resource Group are here to provide support with your data protection problems and queries. Below are some useful links and top tips that may prove helpful, but if you require further support, please get in touch with the Resource Group via email@example.com.
Data Protection Top Tips
Data Protection doesn’t have to be scary and onerous. Most of the requirements are common sense. Ask yourself “would I want my personal data handled this way?” – if the answer is no, think about the steps you might need to take to provide more security/better management or better processing techniques.
Keep your data in one place. Try to maintain your data in a spreadsheet, database or CRM system. These systems make it easier to manage, process and maintain your data. The more sophisticated the software, the more it can integrate with other systems and tools you use (such as email), but you can just keep it simple in a spreadsheet.
Do an annual data review – stick it in the diary at the same time every year and review what you hold.
Minimise the data you hold. Consider ‘want’ versus ‘need’. If you ‘need’ the data in order for your church and/or circuit to function, chances are you will have a lawful basis to hold that data and a requirement to process it. If you ‘want’ the data, you probably shouldn’t retain the data without consent, and you’ll also need to consider why you want to retain it.
Destroying data – don’t be afraid to simply remove data you don’t need. There are lot’s of great data savvy shredding companies out there who will come to your offices, shred documents securely and provide certification of it’s safe and secure disposal
Secure storage doesn’t have to be a multi-factor authentication encrypted password spreadsheet. Secure could just be a locked office or a locked drawer – a place away from eyes and locked so that it cannot be mislaid or picked up by someone who should not have access to the data. If, however, your data is electronic (as most is these days), take advantage of built in passwords/encryptions. A quick google search will help to sort this out. An easy tip to remember, is clear your desk each day, and lock your computer screen when you walk away (or set it so it auto locks after 5 mins of inactivity)
After all that – don’t forget to complete your annual data protection checklist by 31st May 2023. The District will send details of the form via your Superintendent and Circuit Administrator, or you can contact the Data Protection Resource Group for a direct link to the form to complete.