In May 2018 General Data Protection Regulations will come into force across Europe and we at Positive Life have undertaken a programme of actions to ensure that any information that we have or control is dealt with in the appropriate manner.
Not only is it imperative that we comply before the changes next year, we’ve also taken this opportunity to assess how we manage information and see how we need to adapt and change.
Whilst the information we hold or process is unimportant to the outside world, it is to us and our services users.
We have created an environment on and offline where our service users and those who are at high risk of HIV can feel safe, secure and open about their status. The people that we work with are our number one priority and we have developed and reassessed some of our practices that many other organisations would often take for granted.
As part of this process we have completed some work with the Information Commissioners Office (ICO) and revised our protocols around the sending of information (for example , details about upcoming activity and events).
Specifically, we have:
• Introduced an IT solution to include an automatic option to BCC (Blind Copy on e-mails);
• Developed an e-mail checklist that any sender must go through prior to the sending of any group email.
• Revised policies to state that all external group e-mails are BCC’d unless there’s a business reason why they shouldn’t be.
We’ve also committed to staff in training with the ICO and will be keeping abreast with the impending changes to the Data Protection updates that will be introduced in May 2018.