Development & Alumni and Data Compliance
Project to ensure D & A systems comply with recent changes in data management and security
We have recently completed a project to ensure that the University's Development & Alumni business processes and systems comply with three strands of recently introduced compliance and guidance measures. The three components behind this need to make changes are:
- The Privacy and Electronic Communications Regulations (PECR)
- The Etherington review of how charities are regulated
- The General Data Protection Regulation (GDPR)
The primary focus of this project was to determine, in collaboration with our colleagues in Development and Alumni, the exact changes that needed to be made to D & A systems, information and procedures to ensure that the University complies with the modifications introduced by the three initiatives listed above. Once these were identified, the project could then pinpoint who would make the necessary adjustments to the relevant systems and make the arrangements to ensure that the associated development work was carried out. These changes were executed by the external vendors (the Access Group). The scope therefore also encompassed the testing of the software changes, any rework that this engendered, and the final acceptance of the modifications before these were deployed into the live environment. The project scope also included updating the system and user documentation or support material that is related to the D & A systems.
The necessary changes were ultimately deployed by the end of May 2018 and the good work of the D& A team ensured that the need to be compliant in relation to the above guidance has now been met.