GDPR training courses - a crucial component of successful privacy compliance

Are you worried about your business meeting GDPR requirements?  You might be wondering:

  • How do I know if my company is fully GDPR compliant?

  • What areas of my business are most vulnerable to a breach?

  • How can I prevent a data breach from occurring?

  • What actions should I take to ensure my company doesn’t receive a fine or other negative consequences due to non-compliance?

  • How can I ensure my staff are aware of good GDPR practices?

These are all legitimate questions, and extremely important ones considering that the majority of data breaches are caused by human error, often due to inadequate GDPR staff training.

Don’t be concerned though, because we are here to give you expert advice, help, and training in this critical area of your business.

GDPR training for employees

If you’re thinking: “Do I really need to provide data protection training for my staff?” - the answer is an emphatic “Yes”. The importance of staff training cannot be overstated.

According to a recent report, of nearly 5,000 personal data breaches reported to the ICO between 1st January and 20th June 2019, 60% were caused by human error.

Unfortunately, sometimes a business will fail to adequately train the people most likely to cause a data breach - their employees. This can be a grave mistake that can result in staff making data protection errors that can lead to serious consequences for your company such as loss of reputation and even civil action from data subjects citing ‘stress and anxiety’ due to a data breach.

Do the ICO consider GDPR employee training to be important?

The ICO deem staff training to be a vitally important component of any GDPR programme. 

They have even gone on record stating that they are less likely to issue a financial penalty to organisations that can provide evidence that at least 80% of their staff have received appropriate data protection training.

This is obviously a very clear incentive to provide GDPR employee training.

Our GDPR training courses

As you can see, it’s crucial to have high quality, professional general data protection regulation training. Why? Because:

  1. Your company will have the necessary knowledge and expertise to be GDPR compliant

  2. Employees will know how to avoid a data breach - or how to respond effectively if one does occur

  3. You are less likely to receive a fine from the ICO if you can show that you and your staff have undertaken appropriate GDPR training

A core part of our service at Privacy Helper is working with you to devise a training programme that suits your specific business model and staffing structure.

We have several approaches, as we know that one size does not fit all.

The GDPR training sessions we provide will help your employees to recognise and react to a data breach if one occurs.

This means that your staff effectively act as the eyes and ears of your company - safeguarding your business and ensuring you meet your obligations under the GDPR.

Introduction to GDPR

Clients who engage our services will initially receive a GAP analysis. This provides a basic introduction to the principles of data protection and some background information on the legislation. It also illustrates that data protection is not a new concept and finds its roots in the European Convention of Human Rights of 1953 - privacy is, after all, a fundamental human right.

Our initial session provides an excellent warm up for our time on site and will also help your staff to understand what information we will need from them during our departmental discussions.

We usually ask for ALL staff to be available for this session which takes place at the start of the day and lasts approximately 20-30 minutes, including a Q&A segment.

GDPR training in key areas

What does this entail?

Firstly, we will need to conduct a formal review of your processing activities (if one has not been completed already), to help us to identify any ‘hotspots’ - any areas or departments within your business that have a high risk of a potential data breach.

Training will be scheduled within these key areas as a matter of urgency to ensure that your staff are aware of the potential risks to privacy associated with their specific roles in the company. Training will help raise awareness on:

  • How to avoid human error breaches

  • The consequences and financial costs to your business of any data breaches

  • What to do if a breach occurs or is discovered

Our team will share details of the training that each person has received, which should be kept within your data protection records and the training records of the staff member.

In the event of a potential future data breach involving that individual, you will then have proof of them receiving training - which could help you avoid a fine! The ICO have stated that they are more likely to be lenient, in the event of a breach, with companies that can show evidence of staff training.

Business-wide training

For a comprehensive and successful approach, it's advisable to fully embrace a culture of data protection and privacy across your entire organisation.

Our specialist trainers will draft a formal set of staff training procedures for you so that data protection protocols become second nature to your employees.

You will also have a staff training policy document, which immediately satisfies your obligation as a data controller under the GDPR.

Our work with you will be spread across the whole year and consist of both on-site and off-site work, including:

  • Initial training sessions – These will be specific to departments and their particular processing activities

  • Quarterly, or six-monthly updates – The frequency of these updates will depend upon the types of personal data being processed, the nature of that processing, and/or any significant changes in the activities of those departments

  • New-starter training – Any new starters to the business must undergo a minimum level of data protection training as part of their immediate introduction to the business. They should receive full data protection training in relation to their role – and the wider expectations of the business - within a determined time scale. As one example, they would be unable to pass their probation period until their training had been completed.

It's also worth noting that clients who engage with the Privacy Helper DPO Service will, at the very least, receive guidance on in-house training as part of their package.

Areas covered in our data protection training courses

GDPR overview and principles – Essential information to enable your staff to understand the foundations of the legislation

Data Subject Rights – There have been some changes in the legislation since the Data Protection Act 1998 and quoting rights under the old DPA will not demonstrate compliance

Secure Processing & Technical Measures – Highlighting the importance of IT security and offering secure storage to data at rest

Data Transfers – Using secure methods for transferring data. This practice will also reflect your internal data transfer policy - which we can help you draft

Lawfulness of Processing – We will explain which lawful basis (or bases) of processing you will need - depending on your role within the business. This will help you to understand your role in relation to the GDPR

The Definition of a Data Breach and How to Recognise and React to a Data Breach – Your staff are the eyes and ears of your business. It is vital that they can recognise a breach when they encounter one and know how to respond quickly.

Fines & Enforcement to Date – We provide a summary of the fines and enforcement notices that have been imposed by European regulators to date under the GDPR. This isn’t a scare tactic, but rather a reminder that all areas of compliance are important – not just those involving marketing, or not responding to data subject rights in time

Although some business owners may not consider GDPR training courses to be important, hopefully you will see that it is crucial that everyone within your business is aware of the implications of a data breach. 

By engaging with our privacy specialists, we will ensure that in the event of a data breach, your staff are able to react in a prompt and professional manner – bringing it to the attention of senior staff - or ourselves if we act as your DPO. 

Our fees

As training is based on your specific business, please contact us to discuss your requirements and a package will be put together for you.

As a guide, however, our standard rate is £125 per hour, per consultant (plus reasonable subsistence expenses where appropriate).

Any training packages we present to you will contain full details of all commercials.

Remember – our specialists are professionals committed to spreading the word about privacy. Every time we engage with a new company, or department and convert them to being privacy-focused, that is an extra level of protection for your company against potential data breaches and regulatory investigations.

Contact our team today to find out how we can provide training to your staff and immediately reduce the risk of a serious data breach being caused by an employee - without them even realising it! 

Training is a key part of success, and our GDPR training courses will equip your team with the information and tools it needs to be GDPR compliant. 
