1. A Quick Start Guide to GDPR
  2. Data Breach Policy
  3. Data Protection Policy
  4. GDPR Security Compliance Checklist
  5. Records Retention Policy
  6. sample_data_map_v1
  7. Subject Access Request Procedure

Have you been panicking about GDPR?  Have you been putting it off until a rainy day?  Well worry not, Northants CALC has produced A Quick Start Guide for Parish Councils!.  We have identified four key things that all councils can do by 25 May 2018.  These are:

1.    Create a Data Map (essentially an asset register of data)
2.    Adopt the relevant policies and documents
3.    Appoint a DPO
4.    Register with the ICO and pay the fee

The Quick Start Guide is designed to help you achieve those four key things.  It is our view that if you have done those four things then you will be able to demonstrate that your council is well on the journey towards full GDPR compliance, which will be a mitigating factor in the very unlikely event of a serious data breach.

Please note that the Quick Start Guide and the sample Data Map use colour to make the documents more accessible, so if you print them out remember to choose black and white settings if you wish.

The Quick Start Guide refers several times to the NALC Toolkit.  This was e-mailed to all member councils on 27 February 2018.  We suggest saving a copy of it in your new GDPR folder so that you have everything together.

After Easter I will circulate the Service Level Agreement and sign-up form for our brand new Data Protection Officer (DPO) Service.  Member councils are not obliged to sign up, but we think our service will provide a proportionate and reasonable DPO solution.  Other providers are available!

Please continue to let Anne Kirkland know if you are interested in another date for our very popular GDPR training course with solicitor Liz Howlett.  All the written guides are great but there’s no substitute for learning with others and asking questions of the experts!

And finally, please bear in mind that the GDPR/Data Protection landscape is still changing.  The Data Protection Bill passed second reading in the House of Commons on 5 March 2018 and MPs are now considering the Bill in a Public Bill Committee, which is scheduled to conclude by Tuesday next week.  It is entirely possible that there may be minor or significant changes between now and when the Bill receives Royal Assent and becomes the Data Protection Act 2018.  We will of course keep you updated on any changes.

I would be interested to receive your comments and feedback on the Quick Start Guide.  Good or bad; I won’t be offended!

Best regards, Danny              April 2018

Danny Moody
Chief Executive
Northamptonshire County Association of Local Councils
6, Litchborough Business Park
Northampton Road, Litchborough
Northamptonshire NN12 8JB

Tel: (Office) 01327 831482
Email: dmoody@northantscalc.com