If you're an organisation who, like us, shares information through websites, newsletters or other digital tools you might have heard about the changes to data protection laws that are happening in May this year.

The General Data Protection Regulations (GDPR) changes apply to any organsiation which collects people's personal information. This means information collected both online and offline and anything that could be used to identify someone - it's a very broad definition.

Here at SCDC we've started getting ready for these changes and it's quite a significant job. The changes aren't revolutionary, but they certainly tighten up some of the ways that data protection works right now. 

For example, under the new rules you can no longer use a pre-filled tick box when asking someone to agree to terms and conditions when they sign up to a mailing list - it should be clear exactly what they're signing up for and they have to actively choose to opt in.

That's certainly a positive, but might still require a change in how you do things. For us, this means making sure our information is clear and our systems are fit for purpose. So we're rewriting our privacy policies and asking ourselves what information we really need to ask for in the first place.

While we're not in a position to offer legal advice, we would suggest you get up to speed with the changes and see how they might affect how your organisation works. Data protection applies to all organisations, no matter the size.

While it's certainly a task, these changes aren't something to panic about. By accessing some information now you can see what steps you need to take.

There's lot of information online, but SCVO has useful advice and training, including link to helpful resources.

Find out more here.