[Board] GPDR

[stevenfeldman]

Jody

I think the Board needs to take a more proactive approach to GDPR. This is
quite significant legislation and we should ensure that we have taken
"reasonable steps" to audit our personal data holdings and ensure we have
compliant processes.

The UK Information Commissioner's Office has a good intro to GDPR at
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
and a simple checklist tool at
https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment/
(each EU country will have similar info but this is in English)

MailChimp has good tools for getting mail-list approval and providing
unsubscribe options. Do we have an OSGeo account or is usage less formal
across the regions?

I'm sure several of our EU members have already worked through GDPR with
their organisations and could provide advice

Cheers

Steven



--
Sent from: http://osgeo-org.1560.x6.nabble.com/OSGeo-Board-f3713809.html