BlogCase Studies

How Net-Defence gave Stirling charity peace of mind for GDPR compliance

In Blog, Case Studies on

Stirlingshire Voluntary Enterprise (SVE) is Stirling’s local third sector interface which builds empowered communities with a thriving third sector consisting of community groups, voluntary organisations, charities and social enterprises. It was facing concerns over charity GDPR compliance.

As a charity operating with a small staff, the need to be GPDR compliant created a significant extra workload and the organisation brought in Net-Defence to ensure that all the required policies and processes were in place.

Rachel Johnston, Development and Engagement Coordinator at SVE said:

“We had undertaken a lot of work on our own around GDPR through a combination of research and attendance at a couple of courses but we really needed a professional view on whether we were fully compliant so asked Net-Defence to undertake a review.”

“The team at Net-Defence were great and had a very straightforward approach. I had a one to one session with them and they ran a 3 hour workshop with staff. We probably learned more in the half day than all the previous work we’d put in.

After the half-day session Net-Defence provided a full report that identified our specific needs. While the report identified that we were compliant in most areas, there were a few gaps in terms of policies and practice. They were able to help us address those quickly as well as providing necessary policy info and templates to make us fully compliant.

The whole process has given us reassurance that we were not at risk and that personal data is being managed in the correct way. It’s really important that we as an organisation, along with the people we support and engage with, have complete peace of mind that every precaution is being  properly taken to protect privacy and personal data.”

Debra Cairns, Head of Governance, Risk Management and Compliance at Net-Defence added, “The consequences of GDPR non compliance can be potentially catastrophic for charities, many of whom operate with limited resources to research and implement the legislation. The Information Commissioners Office has taken action more than 140 times against charitable and voluntary organisations. We have developed a best value GDPR analysis service specifically for charities which is designed to help them meet compliance quickly and without disproportionate pressure on their resources.”

If you would like peace of mind about charity GDPR compliance contact our team who offer special rates for third sector organisations.

You may also find this blog about funding for third sector organisations in Scotland of interest.

Sign up for Net-Defence news and knowledge