Two charities have been fined over data protection breaches after secretly screening donors so that they could be targeted for more money. The Information Commissioner (“ICO”) imposed penalties of £25,000 on the RSPCA and £18,000 on the British Heart Foundation respectively over this so-called “wealth screening”.
As well as “wealth screening”, the charities traced and targeted new or lapsed donors by piecing together personal information obtained from other sources and traded personal details with other charities “creating a massive pool of donor data for sale”, the ICO said.
Not only should those in the voluntary sector be reviewing their practices in light of this and the ongoing investigation into other charities, but now is also the time for all companies to start planning for the new and greatly expanded General Data Protection Regulation, which comes into force in May 2018.
Never has it been more relevant to review existing and potential future practices to ensure they do not fall outside of the law. Simons Muirhead & Burton has a dedicated team of lawyers focussed on data protection issues. We can review your practices and assist in guiding you through all aspects of the DPA, and implementation of the GDPR. We also work closely with a leading team of IT specialists, who are well placed to advise on technical matters.