GDPR, or the General Data Protection Regulation, is coming.
Due to be enforced on 25th May 2018, this EU regulation is set to change the way businesses handle personal data and could, if there is evidence of non-compliance, lead to hefty fines for UK businesses.
To meet this challenge, we’ve updated our Data Protection Awareness e-learning course to include GDPR so that throughout your business you can teach your staff about the impact of this regulation and how staff should deal with personal data.
What is GDPR?
GDPR sets out to provisions to protect personal data and privacy of EU citizens for transactions that occur within EU member states. It also regulates personal data that is being moved outside of the EU.
GDPR provides a consistent approach to data protection and privacy across the EU and seeks to protect an individual’s privacy and against data breaches. All companies that interact and process personal data in the EU will be affected by GDPR, this means practically all businesses operating in the EU, including those that are based outside the EU but interact with EU data.
What data does GDPR impact?
- HR records
- Customer lists
- Contact details
This includes marketing lists, customer IP addresses, photos of customers and also genetic data and biometric data that might be used to identify an individual.
What does it mean for an individual’s data?
An individual must consent to use their data and that consent must be:
- Freely given
- Specific
- Informed
- Unambiguous
What happens if you fail to comply?
Without being too alarming, the potential fines for non-compliance of GDPR can be quite heavy. Potential fines for non-compliance and data breaches are much higher under GDPR, reaching up to 4% of a company’s global turnover or €20M, whichever is greater.
What about Brexit?
Brexit could mean the transference of many EU laws into UK law. One area where the UK government has been explicit in stating that an EU law will be carried into UK law is GDPR. There will be no hiding from it, or waiting until 2019, this will be happening!
How can you teach your staff about GDPR?
There are many functions in your organisation that will be impacted by GDPR, in fact, most of a modern business’s functions interact with personal data each and every day, from customer services, to development and design teams, to front of house and reception personnel, to sales and marketing staff.
Each of these functions may have some interaction with your customers’ personal data, and for that reason they need to understand the business impact of their actions when dealing with data.
We’ve now included GDPR as part of our Data Protection Awareness course, including information on each of the main articles of GDPR:
- Financial impact of GDPR
- Geographical scope of GDPR
- Individual rights over data, including:
- The right to be informed
- The right of access
- The right of rectification
- The right to erasure
- Plus much more
This course has been developed to provide a fast, effective and simple solution to training along e-learning best practice guidelines. This will help you, as an employer or training manager, to deliver expert training to thousands of staff in a managed and measured manner.
Find out more about our Data Protection Awareness course and its GDPR component on our website here, or get in touch with us at [email protected] for more information.