GDPR Data Audit

You may be surprised at just how much personal data is stored and processed in a parish. So, ensuring your church is compliant with the GDPR is important and something you should revisit regularly.

Carrying out a Data Audit

Here are some questions to help you carry out an audit:

  • What kind of data is being collected and stored, where and why?
  • Which different church groups might store their own data? Make sure you cover them.
  • How is the data used (i.e. processed) both internally and externally?
  • How long is the data retained?
  • Who has access to the data both inside and outside of the business?
  • What procedures and controls are in place to keep data safe?

The Diocese of London have produced a Church GDPR Audit Questionnaire which you may find useful when auditing your processing of personal data.

Last Updated