Maintain Privacy & Confidentiality

Making It Easier > Making it easier to... > Governance/Regulation > Data Protection

We expect all parishes to abide by the principles of Data Protection

Managing people's records responsibily
Parishes and worshipping communities keep data and information about people. Typically you will have information about
  • Details of parishioners - particularly those on the electoral roll
  • Information about those who give money to your church community
  • Information about people asking for baptisms, weddings or funerals
You may also have information about a wider group of people you wish to contact for fundraising purposes.

It is right for you to have that information but you have a responsibility to manage it sensibly. So whether you store it on a computer or in a filing cabinet you must comply with the law. And that law is the General Data Protection Regulation (GDPR)
The General Data Protection Regulation
The General Data Protection Regulation is a stronger version of the Data Protection Act which we are already legally obliged to comply with.  It takes into account the massive changes in technology since the Data Protection Act was introduced in 1988. The GDPR enhances and strengthens an individual’s rights.

All parishes and clergy must comply with GDPR. As soon as you gather information – on an electoral roll or mailing list for instance – then you need to comply.  The GDPR does not prevent you from holding data provided you treat it responsibly.

You will need to comply if you hold information that can identify a person by reference to any of these things
  • Name
  • An identification number
  • Address
  • Email address
  • Sensitive personal data (health, sexual orientation)
Advice on complying with the GDPR
We recommend that you visit the Parish Resources website and follow the national church's advice on complying with GDPR.

You can find this at

www.parishresources.org.uk/gdpr


The Information Commissioners Office (ICO)

The Information Commissioner is the person appointed by the government to regulate GDPR. You can find their guides for organisations on their website.

https://ico.org.uk/for-organisations/


Our Data Protection Adviser

For any advice or support from our diocese contact Pamela Ambrose Pamela.ambrose@liverpool.anglican.org


 

Governance

Useful Resources

Government advice

For general advice about data protection adn the 1998 Act.
www.ico.gov.uk

Care of Records - Church of England

This has useful information for the care and upkeep of parish records.

www.churchofengland.org/more/libraries-and-archives/records-management-guides