Topic: General Data Protection Regulation

What advice is anyone able to give about General Data Protection Regulation that comes into force on 25th May 2018.
It seems that it applies to all organisations of any size that holds personal data (including address and email) about individuals.
What do the NSSs, especially the small ones, understand about this?
Are there any clear exemptions?
Is this new?

2 (edited by Darwyn Sumner 19-01-2018 09:12:52)

Re: General Data Protection Regulation

Martin Harvey tells me

NBN have recently said that they are convening a small working group to "look into GDPR, what is means for biological recording and to provide coordinated consistent advice for the network as a whole." My understanding is that this will have representatives from JNCC, NBN, ALERC, GiGL (London records centre), BRC and (if they wish) NFBR, Butterfly Conservation and BSBI.

How come NBN don't reply to these threads?


Re: General Data Protection Regulation

Chris Raper tells us:

I was involved in meetings at the NHM regarding GDPR and how it would affect the business in the AMC/ID-Service and the consensus was that it has no real effect. We do not use the contacts for sales and marketing and the GDPR regulations give specific cases where the new rules do not apply and where members of the public give their details to simple allow the functioning of their membership (i.e. they give their contact details so they can receive communications and journals from the DF) then this is all allowed.

The most obvious change is that any little tick-boxes on forms that people complete that might have said "Tick this box if you do NOT want sales communications" must now be unticked by default and read "Tick this box if you WANT sales communications" so the emphasis is reversed.

There's also a thread about this on ALERC's KnowledgeHub so your LERC will be in a position to advise.