The Nonprofit Times features comments from Bob Waldman and Kelly DeMarchis Bastide on April 10, 2018, about how the new EU General Data Protection Regulations (GDPR) can be intimidating for organization leaders to read and interpret.
The key recommendations that Bob and Kelly suggested nonprofit leaders take included: seek lawfulness, fairness, and transparency with respect to the data subject; collect personal data only for specified, explicit, and legitimate purposes; personal data processing must be adequate, relevant, and limited to what is necessary for the purposes for which it is being processed; personal data must be accurate and up-to-date; identifiable data should not be stored for longer than necessary; personal data should be met with appropriate security including protection against unauthorized or unlawful processing or accidental loss, destruction, or damage; and, data controllers should demonstrate compliance with these principles.