~ Your personal data is your most valuable asset ~
No matter how robust a business’s IT defences are, human error and process failure remain the main causes of unauthorised data loss. Good data protection training is essential to ensure that anyone handling personal data understands their responsibiities, both in accordance with the law and an individual’s rights over their personal data and the requirement to ensure data is kept secure.
Benefits of providing Data Protection Training
There are of course many benefits in providing Data Protection training, not least the cost of training is a fraction of the costs an organisation might incur through possible enforcement penalties and damage to reputation in the unfortunate event of a data loss. We have highlighted a few of the key benefits that providing regular Data Protection training can offer:
For the organisation
- Demonstrates a company’s commitment to Accountability, one of the key data protection principles of GDPR. For companies registered under GDPR, it is a requirement to provide all staff with Data Protection Awareness training, including temporary or contracted employees. Records of training need to be maintained as evidence of compliance.
- Demonstrates compliance to the Data Protection Act 2018 and best practice for businesses who process or collect personal data
- Provides assurance to business owners and senior management that all employees understand their responsibilities to protect the personal data they are processing
- Gives assurance to customers and clients that all staff have been appropriately trained and understand their responsibilities in handling personal data
- Can help reduce the risk of unauthorised disclosure or loss of personal data by employees
- Can help mitigate enforcement action by the ICO in the event of a reportable data incident
For the employee
- Provides an understanding of an individual’s rights under data protection law and how personal data should be handled
- Helps protect the employee by giving a comprehensive overview of the importance of data protection and their responsibility to protect the personal data they are party to
- Allows the employee to be more accountable and responsible for the personal data in their care
- Increases awareness of common types of data security incidents and ways to avoid them
- Provides a good understanding of the consequences and risks of personal data loss/theft
- Equips an individual with tips and good practice to protect their personal data at home
- Increases awareness of current scams and common fraud attempts and ways to avoid them
Data protection training should be refreshed on at least an annual basis and followed up with regular reminders to help promote a culture of committment to data security.
Data Protection Training
We can provide onsite training at your business premises or at a mutually agreed location close to your office. Alternatively, you can simply purchase our “off the shelf” training materials to use within your business.
Our training is broken down into short modules covering the following key topics
- Personal Data and the law.
- Password management – tips and good practice
- Protecting personal data at work and on the go
- Dealing with personal data requests over the telephone
- Protecting personal data at home
- Common data breaches and how to avoid them
- Understanding the risks – examples of scams, fraud and data loss
- Dealing with Subject access requests
- Data security incidents and data loss reporting
Some modules can be delivered in short interactive workshops. All training courses can be customised to suit your business needs.
Our training packages cover all of the recommended topics published in the Information Commissioner’s Data Protection Training Checklist and much more.
Please contact us to discuss your training needs.
Data Handling process and procedural reviews
How confident are you that your business has adequate procedures in place for preventing a data loss? Would your staff know what to do in the unfortunate event of a breach of data protection laws? Would they be able to recognise a Subject Access Request and know how to deal with it?
Does your organisation have an Incident Management process in place to ensure that if there is a possible data breach, the correct procedures are followed in a timely manner?
Percipient Consulting can review your current working practices against compliance with best practise and GDPR. Data Protection “health checks” include:
- A review of your data handling processes and procedures including local information security arrangements.
- A written report providing details of the checks taken and any recommendations for improvement.
Advice and Consultancy
If you would like to discuss how Percipient Consulting can help you, please contact us to arrange a call back.