Data Protection Issues for EU based Members - Important

, , , ,


On 25th May 2018, EU law is changing with regard to Data Protection. The new regulations, known as GDPR (General Data Protection Regulation) change the way we, as support groups, are allowed to hold and process personal data about our families. There is also a significant change to how you are allowed to contact and communicate with your member families.

We have to get compliant with GDPR. As it's an EU regulation, this will apply to all the European groups, even the UK. We are still, at the time of the legislation, a member state of the EU and will have to comply. We will all need to be compliant and need to act now.

The major headache is that we will need to get specific permissions from our families who have registered with us to be contacted by us via 1. Post, 2. Telephone, 3. SMS, 4. Email. The last 2 are the big ones. We can't send email newsletters or news SMS messages without their express consent to send "marketing" messages. Even news and info about conferences come under the heading of marketing. Consent can NOT be implied by the fact that our families have given permission for us to include them on our database. There will be no "soft opt-in" allowed by default.

I'm working on privacy and data protection policies for the UK&I group as we speak. We have a strategy to do this. We can use facebook to poll our members - post something that asks do we have your consent to contact you by email including marketing material. "Like" for yes or "Angry" for no. We will also email those we don't reach and by post for anybody else we hold details on. We have checked this with the regulatory body in the UK - Information Commissioner's Office (ICO) and it is permissible to do it this way, ahead of 25th May.

It may be UK specific but there is a lot of information on the impact of GDPR on the following link. You may want to check with the regulatory body in your country.

I urge all EU member groups to act now. While I'm sure that our families wouldn't have a problem with the way you contact them, it only takes one complaint. In the UK, there are heavy fines imposed for any breach of data protection. The risk mat be minimal but our board want to ensure we are squeaky clean on this!

Let me know if you want any further information. We are just learning and some of our trustees have been on GDPR workshops in readiness.

All the best to you all



About the website contents

All of the information contained within these questions and answers is for education purposes only. The place to get specific medical advice, diagnoses, and treatment is your doctor. Use of this site is strictly at your own risk. If you find something that you think needs correction or clarification, please let us know, contact see below.