The dreaded 4 letter acronym.

Don’t panic!..... (if you’re a sports body)

It’s highly unlikely the commissioner will be knocking down your door at 6am on 26 May - the day after the deadline.

Clearly, if this message was targeted at Facebook, Independent News and Media - it would be different.

Does that mean you can do nothing ?


So – 5 simple things to do between now and 25 May.

  1. Set up a GDPR team (I suggest 3 officers of the club / body) – and appoint one person with overall responsibility for data protection / GDPR;
  2. Schedule a meeting;
  3. Map out what data you hold and for what purpose (membership details, employee details, sponsors details, Garda Vetting forms etc…);
  4. Map out what policies you have; and
  5. Record the above details in an internal Data Policy document and agree a plan to become GDPR Compliant.

Show the world you’ve thought about it, you’ve written it down and you’re ready to become compliant.

Take the bull by the horns.