(originally posted on DigitalImpact.org)
Have you noticed an uptick of emails from companies like Slack,
Google, or PayPal, announcing new privacy policies and terms and
conditions? Why the sudden onslaught of updates? The answer is easy. The
companies sending these notices are changing their policies to meet the
requirements of the European Union’s General Data Protection Regulation (EU GDPR or just GDPR), which will put powerful new enforcement mechanisms into place, starting on May 25, 2018.
If you’re a U.S. resident, or working at a U.S. nonprofit or
foundation you may wonder what, if anything, the GDPR has to do with
you? Good question. There’s no simple answer for everyone outside the
EU. But just as those companies (all of which are based in the U.S.)
revisit their policies and practices because of the new law, it’s a good
idea for you to do so, too.
First, the GDPR probably applies to you, whether you know it or not.
It’s possible – depending on where your clients and donors live, where
your data is stored, or where you provide services – that your
organization is subject to fines for not following the new law. In this
case, compliance is more than just a good idea, it’s required.
Second, the GDPR is a prompt for a worldwide checkup on safe,
ethical, and effective data practices. Many of the GDPR’s provisions
align with the data governance principles and responsible data practices
that we at Digital Impact advocate for in civil society. Think of the
GDPR as providing a framework and set of user-centered guidelines about
data that may just align with your mission.
Many resources and consultancies are popping up to help organizations
comply with the GDPR.
Digital Impact is here to help you navigate
through it. We’re on the lookout for credible, accessible, and
affordable resources with particular resonance to nonprofits,
foundations, and civil society. In the coming months with help from our
community, we’ll be curating new content, holding conversations about
data governance and GDPR, and fostering discussion at digitalimpact.org/gdpr.
Check out our starting list of GDPR resources, send us others that you’ve found, and join the community in conversation. Want to share your view on the GDPR with the world? Become a Digital Impact contributor. And if there are topics, tools, or templates you need but can’t find, let us know. Maybe the Digital Impact community can help.