A survey has revealed that, whilst knowledge of the new General Data Protection Regulation is widespread amongst larger charities, a large number of small and midsize charities are unaware of GDPR. It is critical that charities are aware that when GDPR comes into force on 25 May they could face major fines for data breaches, will be required to notify the ICO within 72 hours of a breach that puts personal data at risk and must personally notify individuals if there is a high risk breach.

Howard Ricklow, joint head of Data Protection, recently advised at a charities GDPR event. Our Data Protection offering, CB Comply, is available to assist in charities’ data audit and risk assessment in order to get charities compliant by 25 May to avoid substantial fines and huge damage to brand and reputation.