Latest Charity News in Brief
A brief summary on the Data Protection Act:
If you hold information by reference to an individual (whether directly or indirectly through a referencing system) then you are a “data controller” for the purposes of the Data Protection Act and need to be registered with the Information Commissioners’ Office. Any appeal made directly to individuals, including unsolicited contact by post, phone, email or text, is covered by the Act because you are using donors’ personal information. Good practice for managing data you hold:-
- Appoint an individual to be responsible for compliance with the Data Protection Act.
- Have clear policies on managing sensitive information including understanding what the information is to be used for and timescales for which it should be held.
- Train staff on their responsibilities of keeping data secure. This includes on laptops, mobile devices and phones as well as paper based files.
- Have a policy on encrypting information held on USB devices or sent by email.
- Make sure data is confidentially destroyed including ensuring that data on old computers are securely wiped before disposal
Commission pursues charging for services
The Charity Commission will consult on charging charities to pay for regulation, it said in a strategic plan published in July. Commission research found that more than two-thirds of charities oppose charging the sector for regulation, but three-quarters of the public support it. The research also found that there was high trust and confidence in the Commission, particularly among charities. The Commission has recently published a new version of its guidance CC3, The Essential Trustee, and has also reported a growth in new charity registrations, driven by the popularity of the Charitable Incorporated Organisation legal structure.
Data breaches by charities double
Charities suffered 53 data breaches in the six months to March this year, more than double the amount in the same period the previous year, according to figures published by the Information Commissioner’s Office. Charities are now the fourth most likely category of organisation to fail to properly protect others: data, according to quarterly ICO figures.
HMRC VAT and direct mail guidance
HMRC has published guidance on VAT and direct mail. The guidance is to clarify transitional arrangements for charities which previously believed they did not have to pay VAT, and are now changing their direct mail contracts as a result.
*Source - Charity Commission accounts and annual return June 2015