RFU issues data protection toolkit for clubs

19 Mar 2018 12:51 | Sara Raine

From 25 May ,2018, all organisations in the UK will be subject to the General Data Protection Regulation (GDPR).

This will be brought in by an act of Parliament in the UK.

GDPR builds on existing data protection law to give individuals more rights in relation to their data, and places an increased onus on all organisations, whether commercial companies or not-for-profit organisations such as rugby clubs, to secure individuals’ data and use it only as necessary.

In simple terms, GDPR will help protect players, members and clubs.

GDPR will ensure that data is kept more secure, and that organisations only hold the data that they need to. It will also increase transparency as to how data is used.

Organisations holding personal data will need to give more information to people about what they do with those people’s data, why, and for how long. They must also keep the information secure.

One safe way for clubs to store and use data is through the RFU’s Game Management System (GMS).

If you store data in other ways, you will need to think carefully about how this data is secured. In the UK, the data protection regime is monitored enforced by the Information Commissioner’s Office (ICO).

The RFU has put together this toolkit to help clubs, referee societies and CBs in the following ways: -

  • - To understand what the new data protection laws require
  • - To provide practical steps to achieve compliance
  • - To signpost to further resources to help achieve compliance.

The toolkit is divided into five sections:

  1. Practical steps
  2. Data governance
  3. Collecting and using data
  4. Data security
  5. Other rights for individuals

The full toolkit can be viewed or download HERE.