On Monday, June 11th we ran our long planned ‘GDPR for Charities’ workshop at the Enterprise Business Centre. This workshop was one of the outputs from our Charity Impact Acceleration Scheme funded project to help a local charity with their GDPR readiness activities. The aim of this workshop was to share the techniques and lessons learned from this project with the wider non-profit community in the Dorset region and beyond. This was a one-day event attended by around 40 participants working for or with charities of various sizes.
Shamal Faily opened the workshop (slides) by setting out some of the challenges faced by charities making sense of GDPR, before giving an overview of what would be planned for the day.
Jane Henriksen-Bulmer then gave an overview of GDPR and Data Protection Impact Assessments (DPIAs) before presenting the ‘DPIA Data Wheel’ – a step-by-step process for carrying out a DPIA (slides).
The participants were then divided into four groups and, with the assistance of our BU facilitators, used the Data Wheel to conduct a DPIA for a hypothetical but realistic scenario. The groups then came together to present the privacy risks they found to the rest of the participants.
After lunch, Tessa Corner delivered a talk on StreetScene‘s experiences applying the DPIA Data Wheel (slides), before Shamal gave a talk on how to find security & privacy risks, and demonstrated the use of CAIRIS to support the discovery and management of risks (slides).
After these talks, Raian Ali hosted a lively panel on GDPR and its implications for charities before Jane closed the day by summarising some of the results of applying the DPIA Data Wheel with StreetScene (slides) and discussing some next steps to build on the momentum from this workshop (slides).
If you’re interested in finding out more about the workshop, or would like to get involved in any follow-on activities then please contact Jane Henriksen-Bulmer or Shamal Faily.