Welcome 2018! The year has turned and we can now say that the GDPR will come into force this year. If your organisation has its GDPR compliance matters in hand the 25th of May may not be looming too large. If not, the message is, there’s still time to become GDPR compliant, provided you start now! You can use the previous 8 steps of our 12 month countdown to help you build your GDPR compliance project plan.
This month our focus is on staff training. The ICO points to staff training as one of the appropriate organisational measures required to demonstrate compliance with the GDPR. Ensuring that your staff are aware of the importance of data protection generally, and the impact of the provisions of the GDPR from 25th May, will be one of the key considerations in your organisation’s ability to satisfy the new data protection principle of accountability, and to demonstrate that you have taken appropriate measures to ensure the security of personal data.
Our step for this month therefore is for you to provide data protection training for all staff.
Clearly, those with responsibility for data protection as part of their role and more senior levels of management will require more specific training on the impact of the GDPR, but all staff regardless of their role within your organisation should:
- Understand the importance of data protection law and the key data protection principles;
- Understand the key changes introduced by the GDPR;
- Be aware of the rights of data subjects in relation to their personal data;
- Understand the importance of data security and steps they can take to help keep personal data secure;
- Understand what amounts to a personal data breach and what they should do if they commit or become aware of a personal data breach.
Training all your staff may present a logistical challenge, which is why the Information Law Team at Geldards together with a leading e-learning provider have developed an online Data Protection & GDPR training course, specifically designed for staff "GDPR Awareness: What employees need to know". The course encompasses all the elements outlined above in an interactive format. It is simple and easy to use, takes around 45 minutes and is designed to run online using industry standard computer equipment/devices. Users will undertake a brief assessment at the end of the course to demonstrate understanding. The course will enable your organisation to provide data protection and GDPR training to your staff in an efficient and relevant way, with minimal disruption to the working day, and will be an invaluable tool in demonstrating your data protection compliance as an organisation.
For further information on our online Data Protection & GDPR training course please click here.
INFORMATION LAW >>GELDARDS GUIDE TO GDPR >> EMPLOYMENT >>