Data protection

[Pete Edwards]

The law changes in May 2018 becoming much tougher. What security is there for a club on who can access to its data? Where is the data held?

[wwwebbers]

Hi Pete,

Yes you’re right. In May 2018 the General Data Protection Regulation (GDPR) comes into effect and I’m going through the regulation to document the adherence of Crossmember to the regulation. But to answer your specific questions…

The data is held by a UK hosting company with UK datacentres – much the same as any small/medium web businesses and clubs use.
I have built the security model with CROSSMEMBER in the following way..

The Website is built as a custom built extension to WordPress. This has the advantage that there are numerous security features built into the application that can be re-used. WordPress itself isn’t inherently insecure, what gives CMS’ a bad name for security is the number of extensions/plugins that people download and install with a complete disregard to security. I only use 3rd party code that I trust, has a good reputation and is constantly supported to support the later versions of WordPress.
Some of these 3rd Party applications include Website firewalls to disallow access to known undesirable entities.

That said, I have also taken further measures…

Access to CROSSMEMBER is via HTTPS to encrypt the data between your web browser and the Web Server.

The Club data is NOT stored within the WordPress database, so any undesirable that might gain access to the back end of the website will NOT also gain immediate access to the Club databases.

Each Club’s data is stored in a completely separate database with a separate database user and a separate strong random password.

The guest users (those who have not logged in) cannot see any data. They can only apply to join or renew their membership. Renewing is possible without giving any view access to the club database.
If a guest user (a club member) wants to see their membership record (a requirement of GDPR and this means you have no extra work to do), then they can do so by providing their email address. If the email address is stored in the club’s database, then an email is sent to the member with a time limiting unique token. Clicking the link will take them to their membership record – and ONLY their membership record. This mechanism ensures that only the owner of the email address in the membership record can view the record along with the added bonus that your club members do not need another password that they will never remember from one renewal to the next. Saving you time resetting passwords.

When the Club is setup on the system, Only ONE ‘admin’ user is created for the club. This Admin User has full access to the system from the front end and can only view data records within your club’s database. It is then up to this Admin User to create new users as required by the Club, it’s in your control. This functionality is provided under the ‘Setup’ menu. This is one of the reasons that the content for the Set-Up menu item is hidden in the demo system. The Club Admin can create the following roles:
Club Administrator – Additional users with full edit/change capabilities
Club Privilaged Users – Users who can see all the data but the ability to edit/change is restricted. This could be for other members of the committtee.
Club Regional Organisers – This user cannot edit/change information and can only view the membership records of the members in the regions allocated to them.

I hope that helps Pete,
All the best,
Brian.

[Pete Edwards]

Many thanks.

[demo-pegasus]

Hi Brian,

Thank you for the information above its really helpful, I am sure that it would also be helpful to see the details of how the system is adhering to the regulations that are required.

Do the new regulations cover off how data is used by say area co-ordinators? Thinking that some keep lists of their area members and use them to contact those members, either electronically or by post. I see that there is a report that can be downloaded in Excel from the system, should this only be available to admin?

Do members need to have the ability to “opt out” of this sort of communication- some people are happy to be members of a club but do not want to be contacted by email – for example.

I am sure that there will be more questions thrown up as this subject is further discussed within clubs.

Best
Julie

[wwwebbers]

Hi Julie,

All downloads from the system should only be allowed by the club-admin users as I believe that all ‘paper’ and ‘soft’ copies should be controlled (but need to read that section a bit more). I believe that the club as the data controller should state how they intend to use the data, so that would include your areas too.

I think as a club, giving your email on joining should be done under the terms of use for contact solely by the club. After all that’s what the club is for, it’s like joining a car club and not giving your home address but still expecting a magazine! I think the important thing is that we get across that they’re only going to be contacted in conjunction with club business and nothing else.

You’re right though, it’s quite an undertaking with GDPR and there will no doubt be loads of questions being raised in the very near future.

I do intend to write a paper on how CROSSMEMBER adheres to GDPR, thankfully I’ve got until May to get that done!

All the best,
Brian.

[Author]

Posts