The Guide to Grants for Individuals in Need 24/25 - hold an umbrella over someone's head

Data protection: can I email the Doctor?

Howard Lake

Howard Lake | 2 March 2017 | Blogs

Here’s an interesting data protection question put to me by a large charity which delivers some of its services through NHS doctors. The question was: “Can we contact doctors by email?”
Specifically, it related to the issue of an email that included both the first name and surname in full, Howard.Lake@ for example. The charity here told me that they have been advised not to email any doctors where a full name is part of the email even if it’s clearly a corporate address. 
Article 4 of GDPR talks about the definition of personal data. It’s clear that your personal data is that which can identify you, directly or indirectly. Your name is certainly an identifier, but the article goes on to include physical, physiological, genetic, mental, economic, cultural, or social identifiers. It’s pretty broad. So, on the face of it if you have a person’s full name in an email you can certainly identify them, so does this mean you might be infringing an individuals data protection rights? Well quite possibly.
This question is covered by both the new GDPR and PECR, the Privacy and Electronic Communications regulation. The latter specifically regulates electronic communications including emails. PECR states that “You can email or text any corporate body”. 
So as long as you can be sure that the email address is most definitely an organisation then you can be sure you are adhering to the regulation. However, under GDPR you are identifying the individual if you have their full name in their email address. In this case and because of this my advice is that you should offer the person the opportunity to opt-out of future communications whenever you email them. Make it clear and unambiguous, make it specific and make it really easy for them to do. I’d suggest you do this every time you communicate with them. I’d also make this part of your organisational policy, document it as a procedure, make sure every one in your organisation knows about it and why you do it.  
If you have a question about data protection and GDPR please send them to Mark Burnett.
  

Loading

Advertisement

Getting Started with TikTok: An Introduction to Fundraising & Supporter Engagement

Related posts

UK Fundraising
7 December 2016

Why the ICO’s rulings are a job half-done
UK Fundraising
20 December 2016

Are charities ready for the new world of data protection?
UK Fundraising
23 February 2017

The data industry’s response to the Fundraising and Regulatory Compliance Conference
UK Fundraising
10 March 2017

Data protection: complaining, it’s so yesterday!

Loading

Howard Lake

About Howard Lake
Howard Lake is consultant editor of UK Fundraising. He founded the site in 1994 and successfully sold it in 2022. As director of Giving X Ltd he is exploring growing giving on a massive scale. He is the founder of Fundraising Camp and co-founder of GoodJobs.

Mastodon