Data Protection Changes – what you need to know


Data protection law reform is coming with the General Data Protection Regulation (GDPR) taking effect from 25 May 2018.

You should start preparing now for changes that GDPR will require to your current policies and procedures. GDPR is not just a tick box exercise and it needs all staff and volunteers to embrace new procedures.

To help you prepare for GDPR, VANL is offering training courses in December and early in the New Year to support you and your organisation. It is essential that you start preparing now.

Information and guidance

Data protection legislation covers everyone about whom you keep personal data. This includes employees, volunteers, service users, members, supporters and donors. The legislation:

  • requires organisations to register if they keep records – this is any record of any nature at all
  • governs the processing of personal data including ‘personal sensitive data’
  • requires organisations to comply with eight principles for data protection
  • allows employees, service users and other contacts to request to see the personal data held on them.

Every organisation should have a written policy and procedure that is specific to their context about how they handle personal data and enact privacy principles.

Requirements for these policies and procedures will change when GDPR takes effect.


VANL can help with sample policies and we are booking for our next training on 12th December, 2017. This will offer you and your organisation to identify the issues that need resolving and develop a policy tailored to your organisation.

Our training plan is online to view at but should your organisation have additional training support needs, then we can tailor a training course to your needs. Please contact us on or call us on 01724 845155.