If you process data as part of your volunteer role, and/or have access to personal data via the Portal, you will have completed our online data protection training course.
To fulfil our legal obligations (under GDPR) and ensure we continue to respect each individual’s right to privacy, we will be asking you to complete a refresher course early next year. In the coming weeks, we will be working with a number of volunteers to ensure that this updated eLearning focuses on what’s important for you to know for your role.
In the meantime, please remember the following best practice:
Stay vigilant for ‘phishing’ scams by email or telephone
Never give out any personal or financial details (including your MSS password) on a website you don’t recognise, or in reply to an email or cold calls. Look up the organisation the caller/emailer says they are from on their official website first, to check whether they are genuine.
Handle membership data correctly
Each time you send an email or letter, download a new copy of up-to-date membership data from the Portal – then delete the download as soon as you’ve finished with it. This ensures that we respect the wishes of individuals who have opted out of receiving communications.
Use the ‘BCC’ field
When sending out group emails, put your own MSS email address into the ‘To’ box, and all the recipients’ addresses into the ‘BCC’ box. This preserves privacy, as nobody can see anyone else’s address.
Keep personal information secure
Personal information must always be kept secure. Don’t leave papers hanging around or throw them in a bin without shredding them.
Report data breaches immediately
We understand that mistakes happen. If you make a mistake with personal data, please report it to us straight away. The sooner we know, the sooner we can start to put things right and stop any access to insecure data.
Thanks for keeping this important guidance in mind.