Church goers are still struggling to come to terms with GDPR after one parishoner’s efforts to get prayers read out for his friend were met with a point blank refusal over privacy fears.
Ian Duckworth had asked Bridport Methodist Church to remember in prayer his friend who had recently been admitted into a hospice.
However, he was told that was not possible to do by name as the friend had not given his consent for others to know about his sensitive information.
Responding to the story, a spokesperson for the Methodist Church told Christian radio station Premier: “Prayer is not covered by GDPR, but churches need to be mindful that details of someone’s health is sensitive data.”
Premier Chief Operating Officer Kevin Bennett said: “This was not what GDPR was intended to do.
“It was intended to deal with social media giants who were abusing data or PPI claims handlers – it was never intended to impact on who can pray for who.”
Encouraging churches, who fear breaking the rules, not to give up on public prayers, he said: “Pray by using first names – that’s not personally identifying them. If the person can’t be identified by what’s shared then there’s no issue with that action.”
The issue of parishioners’ privacy rights was first raised in May when church leaders were warned against publishing prayer requests for the sick on websites and newsletters without getting permission as it would potentially be in breach of the regulation.
This led Marcus Walker, the rector of Great St Bartholomew in central London, to tweet: “We’ve been told we can’t pray for anyone who hasn’t given their personal consent, which is just ridiculous.”
Even God’s disciples can’t escape the ICO or a huge fine
God wades in as GDPR hits church service traditions
GDPR zero hour: Now the hard work begins say experts
Parish councils win reprieve as ICO gets more powers
Parish councils cry foul at cost of GDPR compliance