GDPR Toolkit
Data protection is a key responsibility for anybody that has access to the personal data of individuals. This guidance material has been designed to help you understand the legislation applicable for data protection and provide tooling for alignment to the legislation.
Quick links
Contents
- Introduction
- Step 1: What do I need to know about GDPR?
- Step 2: Who is responsible for what?
- Step 3: Appointing a data protection lead
- Step 4: Understanding data subjects
- Step 5: Gathering data
- Step 6: Data discovery
- Step 7: Keep a record
- Step 8: Check your security
- Step 9: Third parties
- Step 10: Publish your privacy stance
- Step 11: Delete and destroy
- Step 12: Responding to a breach
Introduction
Data protection is a key responsibility for anybody that has access to the personal data of individuals.
This guidance material has been designed to help you understand the legislation applicable for data protection and provide tooling for alignment to the legislation.
Following feedback on the GDPR Toolkit, the Scouts have redesigned this guidance to be more step based with bite size materials that can be used in isolation. This includes the simplification of the previous GDPR Framework to line up with the new steps-based guidance.
Following feedback on the GDPR Toolkit, the Scouts have redesigned this guidance to be more step based with bite size materials that can be used in isolation. This includes the simplification of the previous GDPR Framework to line up with the new steps-based guidance.
There are 12 steps as part of this guidance. To keep track of your progress through the material you can use the GDPR Alignment Checklist. As you are working through these 12 steps you may identify risks in the way you are operating. The GDPR Risk Register can be used to assist in tracking these risks.
Take a look at the GDPR FAQs.
Take a look at the GDPR FAQs.
In addition to the 12 steps guidance provided by UK headquarters, local Scout Groups, Districts, and Counties/Areas/Regions (Scotland), are able to procure a Data Protection Support Service direct from Black Penny Consulting, who are the Scouts headquarters Data Protection Officer (DPO). This service has been created in partnership with the Scouts to provide a DPO backed service desk that local Scout Groups, Districts and Counties/Areas/Regions (Scotland) can use for advice, guidance and reactive support for data breaches. Find out more via the Black Penny Consulting website.
Useful resources