~ Your personal data is your most valuable asset ~

No matter how robust a business’s IT defences are, human error and process failure remain the main causes of unauthorised data loss.       Good data protection training is essential to ensure that anyone handling personal data understands their responsibiities, both in accordance with the law and an individual’s rights over their personal data and the requirement to ensure data is kept secure.

Benefits of providing Data Protection Training

There are of course many benefits in providing Data Protection training, not least the cost of training is a fraction of the costs an organisation might incur through possible enforcement penalties and damage to reputation in the unfortunate event of a data loss.   We have highlighted a few of the key benefits that providing regular Data Protection training can offer:

For the organisation

  • Demonstrates a company’s commitment to Accountability, one of the key data protection principles of GDPR.    For companies registered under GDPR, it is a requirement to provide all staff with Data Protection Awareness training, including temporary or contracted employees.   Records of training need to be maintained as evidence of compliance.
  • Demonstrates compliance to the Data Protection Act 2018 and best practice for businesses who process or collect personal data
  • Provides assurance to business owners and senior management that all employees understand their responsibilities to protect the personal data they are processing
  • Gives assurance to customers and clients that all staff have been appropriately trained and understand their responsibilities in handling personal data
  • Can help reduce the risk of unauthorised disclosure or loss of personal data by employees
  • Can help mitigate enforcement action by the ICO in the event of a reportable data incident

For the employee

  • Provides an understanding of an individual’s rights under data protection law and how personal data should be handled
  • Helps protect the employee by giving a comprehensive overview of the importance of data protection and their responsibility to protect the personal data they are party to
  • Allows the employee to be more accountable and responsible for the personal data in their care
  • Increases awareness of common types of data security incidents and ways to avoid them
  • Provides a good understanding of the consequences and risks of personal data loss/theft
  • Equips an individual with tips and good practice to protect their personal data at home
  • Increases awareness of current scams and common fraud attempts and ways to avoid them

Data protection training should be refreshed on at least an annual basis and followed up with regular reminders to help promote a culture of committment to data security.


Training lightbulbData Protection Training

We can provide onsite training at your business premises or at a mutually agreed location close to your office.   Alternatively, you can simply purchase our “off the shelf” training materials to use within your business.

 

Our training is broken down into short modules covering the following key topics

  • Personal Data and the law.
  • Password management – tips and good practice
  • Protecting personal data at work and on the go
  • Dealing with personal data requests over the telephone
  • Protecting personal data at home
  • Common data breaches and how to avoid them
  • Understanding the risks – examples of scams, fraud and data loss
  • Dealing with Subject access requests
  • Data security incidents and data loss reporting

Some modules can be delivered in short interactive workshops.   All training courses can be customised to suit your business needs.

Please email hello@percipientconsulting.co.uk to discuss your training needs.


Data Handling process and procedural reviewsAudit Checklist

How confident are you that your business has adequate procedures in place for preventing a data loss?   Would your staff know what to do in the unfortunate event of a breach of data protection laws?  Would they be able to recognise a Subject Access Request and know how to deal with it?

Does your organisation have an Incident Management process in place to ensure that if there is a possible data breach, the correct procedures are followed in a timely manner?

Percipient Consulting can review your current working practices against compliance with best practise and GDPR.    Data Protection “health checks” include:

  • A review of your data handling processes and procedures including local information security arrangements.
  • A written report providing details of the checks taken and any recommendations for improvement.

Contact us at hello@percipientconsulting.co.uk to find out more.


Fraud Awareness

Payment fraud is a big risk for any organisation, large or small.   Businesses are frequently targetted by fraudsters, posing as existing suppliers in an attempt to have money transferred into a bank account operated by the fraudster.

Are you confident that your business has robust procedures in place to prevent supplier mandate fraud?   Would your employees think twice about processing a request to change bank details?   Are they fully briefed to be on alert for CEO fraud attempts?

It is essential to

  • Implement a strict validation process before reacting to requests to set up or change supplier payment details
  • ensure relevant staff have a good awareness of the potential threats and an understanding of what steps to take to mitigate them.

Fraud Awareness WorkshopsTraining lightbulb

We can provide onsite training at your business premises or at a mutually agreed location close to your office.  Our training is delivered by an Accredited Local Counter Fraud Specialist and can be fully personalised to suit your business needs.

Please email us at hello@percipientconsulting.co.uk to find out more.