SPORTS ADMINISTRATOR’S RESPONSIBILITIES UNDER THE NEW EU GENERAL DATA PROTECTION
What is GDPR?
GDPR is the General Data Protection Regulation. It comes into effect from 25 May 2018. It sets out a series of new EU laws concerning how data is processed and used. The objective of the regulation is to strengthen and standardise data protection laws for all EU citizens.
While not necessarily applicable to our customer base outside of the EU, we believe it is worth sharing the requirements with our total user base, as it provides a solid foundation for good practice when managing data for sports administrators, officials, volunteers etc.
These regulations will apply to any organisation that controls and/or processes data on behalf of an individual or group of individuals. Those responsible for adhering to these regulations include employees of the organisation, and in the case of sports organisations, it includes officers of the sports organisation (Club, League, National Governing body etc) or anyone who has access to or responsibility for managing data relating to members, teams, and individuals in any way involved with the sport.
It is very important that all sports administrators, be they working in a paid capacity or working as a volunteer, understands exactly what Personal Information it holds (and is responsible for). To ensure this is clear, it is important that every sports organisation makes an inventory of the personal data it holds and examines it under the following headings:
- What personal information does your organisation have
- How was it obtained by your organisation?
- Why was it originally gathered?
- How long is it being retained for?
- How secure is it?
- Who has access to the information
If your organisation uses a paper based system, forms etc to collect personal information, it is important to understand how these paper records are managed and maintained. It is OKAY to collect information on paper forms, and to retain them in hard copy after they have been completed, as long as the member is made aware of this at the time they are completing the form.
If the information is collected and maintained in electronic format, it removes the work associated with managing paper-based information, but there are still important requirements that you need to be aware of.
SportLoMo provides a secure electronic environment in which you can store your member data.
Your information can only be accessed by authorised personnel.
It is important that administrators do not share user name and passwords to access information. As an administrator, you have the ability to create accounts for other club officers that you want to give authorised to access the information.
You have the ability to remove access to links and to data for some of your club administrators. The “HELP” on the top navigation bar menu gives you access to documents explains how you can do this, but please email Support@sportlomo.com should you require assistance with this.
All of the data stored in the SportLoMo platform is stored in the Amazon Data Warehouse, which is based in the European Union, and complies with the strictest regulations in regard to data protection and security protocols. For more information on the hosting environment you can visit https://aws.amazon.com/compliance/eu-data-protection/
As an administrator, referee, club official, you also need to understand what information SportLoMo stores about you and how we used your data.
What do you, as a sports administrator, need to do?
Having reviewed the information you store in your database, if you have any concern that individuals are not aware you are storing their personal data, you need to either delete the data, or you need to contact your members, make them aware of what data you have stored about them, and ask them to confirm that they give you permission to keep this data. If they do not give you permission to retain the data, it is important that you delete the data.
If you require any assistance from the SportLoMo team, please contact us at Support@sportlomo.com