The guide includes relevant information on the Data Protection Act and explains when charities need to contact the Information Commissioner’s Office. It contains a list of 27 questions charities must ask to ensure they comply with the law.
The guide says charities should know who they hold information about, why they need it and what they need it for. They should know who is in charge of ensuring data is up to date and must have checked that the information is correct.
The guide, called Protecting Data, Protecting People: a Guide for Charities, was written with support from the law firm Bates Wells & Braithwaite and the Information Commissioner’s Office.
Caron Bradshaw, chief executive of the CFG, said: "Ultimately, data protection is about protecting people, their privacy and their rights, so it’s not hard to see why charities have a strong sense of responsibility to get it right. Charities hold vast amounts of personal data on staff, volunteers, beneficiaries, suppliers, donors and trustees, to name but a few areas.
"We recognise that, as the law evolves in this area, the landscape is becoming increasingly complex. However, it’s crucial that charities get the basics right – for reputational, ethical and financial reasons."