Check your Security

As part of local scouting, Sensitive Personal Data (also known as special category data) is gathered, processed and transferred frequently. As part of the new rules you must ensure that personal data is held securely. This includes protecting data against unauthorised or illegal use and against accidental loss, destruction or damage.

When it comes to the protection of data there are some common best practices that can help maintain strong processes. For example:

  • New joiner details, be that Adult V olunteer or a Y oung Person.
  • Processing of this data for the purposes of events, awards, moving on.

  • Annual reviews of this data through census or further data gathering to update medical records.

  • Management of safeguarding incidents where data needs to be transferred to 3rd parties for assistance.

Consideration needs to be made for the security processes in place when collecting, managing and transferring the data required to operate local Scouting.

This can include locking filing cabinets and password-protecting any of your devices and cloud storage that hold your members’ personal information.

You must ensure that personal data is held securely. This includes protecting data against unauthorised or illegal use and against accidental loss, destruction or damage.

You need to ask the question “Where do I/we store the data I/we have for local Scouting?” There are many places this data can be stored, and these will normally be chosen based on ease of use or what you are used to using. Consideration needs to be made for the decision as to where the data is stored such as:

  • Is the storage system secure and safe?
  • Who needs access to the system and can we easily collaborate?

  • Can I trace access to the storage location and minimise where necessary?

  • Is there a reputable system available today that I can use? Such as:

    • Secure cloud storage

    • Online membership system.

Steps you can take to protect the personal data you hold include:

  • password-protecting and encrypting your electronic devices

  • pseudonymisation (the use of made-up names)

  • setting up firewalls

  • installing anti-virus software

  • securing your business premises,

  • using securely locked storage for paper records.

To find out more about securing your IT systems, you can read the Information Commissioner’s Office ‘Practical guide to IT security’

Data media guidance…

Today’s technology age means that there are many tools available to us all when it comes to the management of our day to day jobs and activities.

This situation exists within local Scouting and in most cases, you will opt to use the tooling you are familiar with or makes your operation as easy as possible. The below guidance draws out these technologies and gives advice on the security measures that should be considered:

 

 

Put your phone down and what are you left with? Just teamwork, courage and the skills to succeed.’
Bear Grylls, Chief Scout Bear Grylls