Page 212 - Demo
P. 212

“In God we trust. All others must bring data.”
INTRODUCTION
Your organisation will be dealing with different types of personal information for different purposes, and in different ways. From the names and email addresses of your trustees, to details of the members of your institute,
right through to information about supporters or attendees on a retreat,
and residents in a care home – all of this information has to be dealt with in accordance with your obligations under the Data Protection Act 1998 (DPA) and the General Data Protection Regulation (GDPR). As with many other areas in this handbook, this does not mean that you need to know the day to day details of how the institute complies with the DPA and GDPR. However you do need to be con dent that your employees and members all understand their obligations, and you are able to demonstrate that you have checked this. The buck most certainly stops with you, and so you need to be con dent that you understand what is needed, and what is needed is being done!
This chapter is split into sections, looking at some of the key areas that you need to understand in relation to the legislation. Your main responsibilities will be to put in place the right policies and make sure they are  t for purpose, and to check that those responsible for handling personal information know what their obligations are, nevertheless, you need to know about the following so you know what they need to know...
WHAT IS COVERED BY THE DPA?
The short answer, is that it only applies to personal data.
Personal data (referred to as personal information in the rest of this chapter), is information which can identify a living individual, either on its own, or when added to other information held by the person to whom you are disclosing information.
The latter part of the de nition means that you have to take into account
the context of the information that you have, when you decide whether it is personal information or not. Where you have, for example, a generic name such as “John Smith”, this is not personal information unless there is some other information available which can narrow it down to a particular John Smith. If
208 Chapter 11
   210   211   212   213   214