A Reminder Of Data Protection Regulations Following Charity Fraud Awareness Week

Recently we saw the return of Charity Fraud Awareness Week, which as the name suggests, aims to raise awareness of fraud to charities with a view to decreasing the risk they face. During the week, the Charity Commission issued some guidance as to actions charities should take in order to limit the risks of falling victim to fraud.

It was published that from April 2020 to March 2021, there were 1,059 reports of fraud from charities and 65% of charities felt the risk of fraud had increased as a result of increased remote working. These figures confirm fraud against charities is a very real risk and confirm the pandemic has seen an increase in cybercrime as a result of charities becoming vulnerable with new working procedures.

Charities are responsible for retaining large amounts of data concerning individuals, a large portion of whom will be vulnerable by nature, and are therefore highly susceptible to cybercrime. It is important how a charity manages that data to best protect its users and as a reminder, we have set out the below requirements in accordance with the Data Protection Act 2018.

Data protection advice to charities in an attempt to avoid cybercrime

Charities should ensure that data retained by them is only used for specific purposes, accurate and up to date, secured safely and used fairly and stored for no longer than required. By following this, the risk of cybercrime is reduced as there is less information for criminals to access and it is more difficult to obtain when safely secured. Charities are also advised to invest in fraud prevention activities so all members are aware of how fraud may be committed against them.

Unfortunately, criminals continue to become more sophisticated and it is inevitable cybercrime will continue to be a real risk. The Charity Commission in this respect last week advised that: