GDPR and data protection knowledge are critical to GDPR compliance and avoiding a data breach. Effective GDPR training and ongoing awareness activities are important organisational measures that regulators expect you to implement. They help create a privacy culture which lead the behaviours that your customers expect when processing their data.
There’s a place for e-learning but online training alone will not create the right cultural practices. Likewise, online training is usually generic and doesn’t typically address the specific purposes of processing carried out by the organisation or the data protection policies and procedures the organisation has implemented. We can provide onsite and live-online training as well as ongoing awareness programmes for you which are tailored to your business, the nature of the personal data processing you carry out and the roles of the individuals to be trained.
We tailor our training to your specific needs. We’ll agree the scope, the topics to be covered, the length of the training sessions and the objectives you wish to achieve. If you want us to carry out a short test at the end of the training, we can do that. Likewise, we can create overview documents for delegates to refer back to if desirable. Common types of training we provide include:
Board and Executive briefings for your leadership team, helping them understand data protection, compliance and risk management. This is typically tailored to the key issues likely to be of interest to the organisation based on the nature of their business, latest enforcement news and case law and a Q&A.
Onsite or live online data protection awareness training for all employees. Rather than just focus on the requirements of the law, we spend time helping attendees to understand the need for data protection including the expectations of stakeholders and customers and also common mistakes that organisations make.
Specific functions have access to more sensitive and higher risk personal data. These can include HR, occupational health, finance and pay and benefits teams. To help manage the higher risk associated with processing by these teams, we can provide a role or function specific version of our awareness training.
More detailed GDPR and data protection training for your information asset and risk owners and key data protection decision makers. We’ll cover the key requirements of GDPR, DPA18, PECR and important case law and latest news. We also include a Q&A to discuss specific issues affecting their decision making.
An effective awareness programme should be ongoing and delivered using a combination of approaches. We can provide you with a managed awareness programme and take responsibility for improving employee knowledge and data protection behaviours, with the aim of creating a genuine privacy culture.
This will help reduce data protection risks and demonstrate executive commitment to and accountability for GDPR compliance. Our awareness programmes are tailored to your specific needs but typically include:
At the outset of the engagement we agree an awareness theme for each quarter, together with specific topics to be covered each month. We can combine data protection and information security awareness programmes if desirable.