If the security of our IT systems and the data they contain is compromised or fails the consequences for ART could be severe. These might include:
The GDPR places a legal obligation on ART to process its personal data “in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures”. It requires the Association to ensure the ‘confidentiality, integrity and availability’ of our data and furthermore that our systems are ‘resilient’ in the face of adverse events such as cyber attack or accidental loss of data.
The IT Team have a key role in maintaining our data security. In brief they will ensure that:
While much depends on the work of the IT Team, all staff and volunteers have a duty to prevent breaches of data security by following good practice guidelines. These include the following measures:
ART has a clear procedure for dealing with security breaches which all staff and volunteers must follow. See Procedure for Notifying Breaches of Data Security
Last Modified: October 2019
If you have any questions about this policy or data protection you are invited to contact the Association at: