Action Network Reports & Data Protection

Action Network Reports & Data Protection

Each and every one of us has a responsibility to ensure the data we hold on our members and supporters is protected, and treated with the care you'd expect from those handling your data, and in line with the law. If you have access to Action Network you may have access to the personal data of hundreds, thousands, or even tens of thousands of individuals. If you're a member of staff or national volunteer that number could extend into the hundreds of thousands.
Most of the work you do in Action Network happens on the platform itself. You don't need to export the data, or view it anywhere other than in Action Network. However, we recognise that there are some occasions when you need to export Activist data for a legitimate reason. In this guide we'll talk about some of the considerations and best practice around this.
The Digital Team don't have oversight of data protection within GPEW, but just like you we have a responsibility to ensure we comply with our legal, and moral obligations. If you have questions about GDPR and your responsibility please contact dataprotection@greenparty.org.uk.

Anonymising Data

When working with data from Action Network ask yourself if you can achieve what you need to with anonymised data. For example, if you just want a breakdown of the Membership_Status of everyone on your mailing list you could generate a report to show only the Membership_Status field, rather than including individual identifying records. You should only export identifying information if it's the only way to achieve your goal, and the goal is a legitimate use of the data you have access to. Curiosity doesn't equal legitimacy.

Activist Data

Action Network records are continuously updated with new information. Any export of this data therefore can be considered immediately out of date. You should consider this when working with the data. This should also be a consideration when uploading data into Action Network. You shouldn't upload data to fields which may have been updated elsewhere. For example, you should never upload to any of the Custom Fields synced from GPEW centrally including, but not limited to, names and addresses.
You can find out which fields are synced centrally in this guide: Which Custom Fields Are Synced From GPEW Centrally To Action Network?

Data Storage

Data should only be stored on the device it's being worked on, and should be deleted when it's no longer needed. If you can, don't export the data at all and work with it directly within Action Network. If you need support with this, check out the other articles on the Digital Support Site, or raise a support ticket.
Activist Data should not be stored in cloud storage platforms like Google Drive, OneDrive, Dropbox...etc., and keep any exported data separate from your personal files to ensure protection of both. It's also extremely important that no data is stored on external drives such as USB pen drives, or external hard drives.

Device Security

Whether you're working directly in Action Network, or exporting data, it's important that your device is secure. Make sure you're not sharing your device, or Action Network login with anybody else. Set a strong password, and ensure you understand what you can do to protect your data if your device is lost or stolen. This will vary depending on the device you're using, so check with the manufacturer or supplier of your device. Make sure you keep your operating system and antivirus software up to date.

Screen Sharing

It's easily overlooked, but screen sharing on platforms such as Zoom, Teams, or Google Meet comes with a risk to Activist data. if you display Activist data when screen sharing it's possible for participants to screenshot, or record the screen and capture that data. Even if they don't record it, they may see information that they shouldn't have access to. Be careful when screen sharing, and avoid recording calls where there is potential for personal information to be displayed on screen.

Plan For Breaches

Nobody wants a data breach to happen, but no activity is without risk. Make sure you, and your fellow officers understand what a breach is, and what to do if you suspect one has taken place. You can find out about data breaches, and what to do in the event one happens on the ICO website (https://ico.org.uk). 
    • Related Articles

    • How To Create A New Member Report In Action Network

      How Are New Members Tagged In Action Network? When a member joins via the Green Party Join Site they are added to Action Network after a short wait. This is achieved by automatically pushing the new member's details through an Action Network Form. A ...
    • Using & Customising GPEW-Issued Email Layouts

      To support Action Network groups in maintaining a consistent brand, the Green Party Digital Support team will occasionally release email layouts which can be customised depending on your needs. Email layouts use the same drag and drip editor as you ...
    • Navigating Action Network

      Navigating through the menus of Action Network is intuitive and easy, but if it's your first time logging in you may be unsure as to where to start. There is one menu you'll likely use more than any other and that's the one labelled START ORGANIZING ...
    • Using Wildcards In Action Network Reports & Queries

      What Are Wildcards? Wildcards are the blank Scrabble tiles of Action Network Queries. They can be used to replace a character or string of characters. How Can They Be Used? When the % symbol is placed after a string of characters it tells the system ...
    • Setting Up Recurring Reports

      What Are Recurring Reports? Recurring Reports are simply Action Network Reports which refresh their targeting at regular intervals. They remove the need for manual refreshing of Reports and will notify you by email of the number of Activists ...