You are currently viewing The GDPR is Coming! Now what?! Practical Steps to Help You Get Ready.

Dobility is excited to be speaking at the upcoming MERL Tech UK event in London, March 19th and 20th.  Here is a snapshot of one of our sessions.  (Can’t attend in person?  No problem.  Watch for our other blog posts for a recap after the event.)


Session Details:

The EU’s General Data Protection Regulation (GDPR) comes into effect this May. It will affect any organization — worldwide! — that collects or processes private data from or about EU citizens. Some organizations are seeing the GDPR as a call to action for improving how they manage personal and sensitive data overall, including from the vulnerable non-EU populations with whom they work. Others may already have strong existing data practices in place. At this session we’ll share practical steps we’ve taken to assess our readiness and prepare for GDPR, with a focus on protecting and securing MERL data, including some existing best practices in collecting, storing, and de-identifying personal information.

This session will be a combination of presentations, discussions, Q&A and group work, aimed at sharing the concrete experiences of the panelists at the organization level, the technology level, and the MERL level.  Linda will share 5 steps that Girl Effect has taken to modernize its digital safeguarding policy and practice, including: integrating digital safeguarding into the organization’s child safeguarding policy; research on girls’ perspectives on digital privacy and safety; designing platforms and tools with digital privacy and safety in mind from the outset; improving how the organization handles personal and sensitive data; and future proofing initiatives. She’ll share key learning and practical recommendations from the past 4 years of implementing improved digital privacy and security across the organization and how this has enabled the organization to embrace a “GDPR mindset.”

Chris will give an overview of how Dobility’s long-standing focus on data security and SurveyCTO’s technical privacy controls do and don’t match up with the particular requirements imposed by GDPR. He’ll discuss how Dobility, as a small social enterprise providing data solutions in the global MERL tech ecosystem, has charted a course toward compliance — even though Dobility itself is a U.S.-based organization.

Danae will present on Social Impact’s practices in respondent protection and de-identification from the perspective of an evaluator handling personal data on program participants (and non-participants). She will review lessons learned and tips based on SI’s work in complying with existing data protection and open data policies, and share some best practices that may be useful to build upon in light of the new regulation.

Following these 3 brief presentations, we’ll open to Q&A and then hear how others are preparing for GDPR. We’ll share some resources and handouts so that participants can walk away with concrete orientation on how to prepare their MERL efforts for GDPR.

To learn more about this session, or the upcoming conference, click here.  Registration closes March 5th.  Hope to see you there!

Chris Robert


Chris is the founder of SurveyCTO. He now serves as Director and Founder Emeritus, supporting Dobility in a variety of part-time capacities. Over the course of Dobility’s first 10 years, he held several positions, including CEO, CTO, and Head of Product.

Before founding Dobility, he was involved in a long-term project to evaluate the impacts of microfinance in South India; developed online curriculum for a program to promote the use of evidence in policy-making in Pakistan and India; and taught statistics and policy analysis at the Harvard Kennedy School. Before that, he co-founded and helped grow an internet technology consultancy and led technology efforts for the top provider of software and hardware for multi-user bulletin board systems (the online systems most prominent before the Internet).