Data protection in sport
There are 20 million reasons why we need to work collaboratively in sharing data protection best practice across the sport sector; the sectors members. Timing and action is now paramount to ensure the Sporting community are supported to meet the challenges of the Data Protection Act 1998 (the Act) now as much to meet the future challenges in relation to the new EU General Data Protection Regulation.
In 2014/15, 15.74 million adults took part in some form of sporting activity. The sector as a whole process a volume of members’ (adults and young people) personal and sensitive person data, this also extends to the engagement and use of Volunteers, Judges, and Officials affiliating and supporting the Sporting sector. We also have national as much as local Associations, Federations and clubs across the United Kingdom.
This is an important compliance area. A recent poll of over 2,000 people showed 78% found keeping their data secure was most important. 80% said it was very important to them that their data was not shared incorrectly and 67% said it was very important that they were given access to their data. One of these people could have been your customer or employee.
The General Data Protection Regulation (GDPR) states organisations will need to report serious breaches within 72 hours, fines will increase up to 4% of global turnover, or €100 million, or up to 2% of the data controllers’ annual worldwide turnover, whichever is greater. There is also the requirement on some organisations to have a designated Data Protection Officer who is knowledgeable, skilled and confident to ensure compliance controls, training, data processing and sharing is fully working within the law. These changes bring about never seen before burdens on Boards and Chief Executives.