IT Support Notes for March 2022 Committee Meeting

Regarding Data protection we do not escape the legislation but have an exemption from registering with the Information Commissioner's Office (ICO) based mainly on keeping only basic membership details and just email addresses with the wider world. We can use the members mobile numbers and emails for messaging to do with EqualsIW. If we start recording that members affirm to various principles, or use our membership list in any other way then we would have to register at a cost of £40 per annmum.

If an encrypted Usb memory stick were used to keep members data that would be unacceptable to the ICO as Usb sticks are easily mislaid. We have to ensure data is not lost as well as it being secure.

Currently there is no definitive list of EqualsIW member that I am aware of. Just a policy of checking once a year after AGM the list of email addresses used for EqualsIW communication. Should a list of members be created we would need to keepit secure and safe. Our mailbox would be ideal for this as it provides long term secure storage that is accessable ony to those that would need it.

Regardless of registering with the ICO we need to have written policies and procedures which include an element of checking that things are done in accordance. We have some policies published on the website at https://www.equalsiw.org.uk/find-out-more/policies.

In addition we have an email policy that ensures we don't keep data for too long. Some important emails are kept permanently. The secretary or IT support (me) checks the mailbox normally monthly and decides whether each email should be kept 1, 3 or 12 months and then deletes out-of-time emails.

We also have an email procedure that was designed for shared use of the mailbox This email address is being protected from spambots. You need JavaScript enabled to view it.. It controls who has access and how long various classes of email are kept before deletion. This needs updating soon as it has not worked and quickly if we change to rotating secretaries. Perhaps the ongoing secretary could discuss this with me when the secretary situation is resolved.

We also have a procedure when personal data is put on the website. We have adapted it slightly in the light of experience and remain compliant with the legislation as far as we can tell.

1. Photos taken in the street and other public places fall outside the scope GDPA requiring written permission. 2. Photos taken at WOW and similar private places do need some kind of written confirmation. So long as no names are added to the images and Mark emails me to say that everyone involved has agreed to their image being on the website then individual written permission is not taken. 3. If a name is specified a written or emailed permission from thatb person is required and it would be kept in the repository for permanent keeping. We have only done that once.

Rex

To Top
Save
Cookies user preferences
We use cookies to ensure you to get the best experience on our website. If you decline the use of cookies, this website may not function as expected.
Accept all
Decline all
Read more
Essential
These must remain active even if Decline all is selected.
Content Management System
Web page delivery
Accept
Cloudflare
Web Bot Detection and Management
Accept
Cookie Control
Description> Stores Accept or Decline
Accept
Marketing
Set of techniques which have for object the commercial strategy and in particular the market study.
Facebook
Accept
Decline
Unknown
Unknown
Accept
Decline