If you live on planet earth, then the EU’s General Data Protection Regulation (GDPR) will impact you. It is good to know your data rights; to understand how companies store and use information about you. If you work with data (most of us do!), it is even better to know your responsibilities.
We’ve taken the time to do our research and collected the best online resources to help you prepare your business.
The GDPR requires companies of greater than 250 employees to have a Data Protection Officer (DPO) in-place to be compliant. Many will already have a Compliance Officer but smaller companies still have the same obligations and carry the same risks. Read our blog about 'seeing red with compliance training'.
Checklists are a great start to understand, prepare and take action.
At Logicearth, we offer a range of Compliance online training modules. Our suite includes a GDPR training course – and it is a good one! Take a sneak peek at our GDPR course or see our full list of engaging compliance courses including Anti-money laundering, Information security awareness, and more. These are offered via a simple site-license, can be customised to your business context and provide practical GDPR staff training.
a GDPR COMPLIANCE checklist can help protect YOU
We live in an increasingly digital world, with more and more data available about all of us. Our most sensitive and personal information is at the mercy of people and organisations that we trust to do the right thing.
But data protection protects that trust even more; for data protection violations – fines have increased to €20 million or 4% of the total turnover of a company.
Working in compliance and learning & development, we are trusted to properly manage sensitive personal data. It’s important that we understand the risk that mishandling employee and customer data poses to our organisation.
Personal data may also include special categories of data as well as criminal conviction and offences data. These are considered to be more sensitive and you may only process them in more limited circumstances.
ICO, the UK’s Information Commissioner's Office have a useful set of questions to help you assess your personal risk. These are written for data protection officers but are accessible to anyone seeking basic legal advice about what to do with the data you hold.
This video from our course shows how data should be handled if it is transferred overseas:
SEVEN of the best GDPR checklists and insights
If you’d like more detail, we’ve curated the best of the best in the list below. Here’s to data sensitivity and keeping us all safe!
1. Computer business review – 8 Things Everyone Needs to Do
Do you know what type of data your organisation deals with? Is it structured or unstructured data? Can you clearly separate your sensitive data? What about data security?
"While the new GDPR has a number of changes to it and the transition is creating a significant amount of extra work for organisations, it is a good thing. The new GDPR is holding us accountable for the way we process and handle sensitive information, making ourselves and the people we do business with safer in the digital world we live in – not only today, but in the future."
2. HubSpot – are you ready?
Kris Lahiri, Chief Security Officer at EgnyteDo, outlines an eight-step process to prepare for GDPR. Do you have procedures in place to handle requests from data subjects to modify, delete or access personal data? Do these procedures comply with the new rules under the GDPR for data processing?
3. Infoworld – getting your Infrastructure Compliance-Ready
This checklist establishes employee access authorisation policies to limit access to data and ensure privacy. Keep the policies updated to reflect organisational need and monitor for a data breach.
Try our interactive GDPR online training for free here.
4. Helpnet Security – privacy awareness for GDPR
GDPR will streamline data protection for individuals within the European Union (EU). It also addresses the export of EU citizens’ personal data outside the EU. This means both Eurozone companies and those based in the U.S. will have to comply with the regulation.
"Again, the GDPR offers no specifics as to what sort of privacy awareness training should be implemented. I see this, though, as opportunity to shoot for an awareness initiative that not only complies with the GDPR requirements, but exceeds them."
5. UK Information Commissioner – Data protection self assessment
Understand the difference between data controllers and data processors – both have different responsibilities under the legislation. What lawful basis do you have to process personal data? This impact assessment helps small business and medium business owners.
6. Lewis Silkin – GDPR - 11 things you need to do in your workplace video
Lewis Silkin, a global law firm headquartered in the UK, recommends that you map and audit your data first. What personal data do you have, where is it stored, where is it sent, how is it processed, and what do you tell people about the processing?
This interactive checklist is specifically for data controllers. Data controllers are the decision makers who set the purposes for which data is collected and used. Most service providers, like Logicearth, act as data processors who follow our clients direction.
"You need to tell people that you're collecting their data and why (Article 12). You should explain how the data is processed, who has access to it, and how you're keeping it safe. This information should be included in your privacy policy and provided to data subjects at the time you collect their data."
next steps for Compliance Training for your Business
Complying with the GDPR is just as important now that the 25 May 2018 deadline has long since passed. If you would like to know more about options for training online - whether its GDPR for small businesses or on a large scale, just get in touch. You can call us for course access requests on 028 9066 0761 or why not try the online training course for yourself.
O
ur compliance e-learning modules are:
- fully-responsive to work on any device
- validated by legal experts
- tailored to your specific policies
- customised with your corporate branding
- and managed by a simple site license.
Discover more about our full compliance training service here. You can see the courses for yourself! We have a sample of our compliance suite loaded onto our learning experience platform, learningCloud. Just fill out our form and we will send you a preview account where you can login and complete the courses for yourself. You can take the time to review each at your own pace and show them to others.
Before you go, check out our other compliance blogs:
Seeing red with compliance training
https://blog.logicearth.com/compliance-training-what-is-it-for
Diversity and Inclusion at work
https://blog.logicearth.com/diversity-and-inclusion-at-work
Corporate fraud training - no excuses
https://blog.logicearth.com/corporate-fraud-training
- GDPR live course preview
- Compliance courses
- Information Commissioner's Office
- Computer business review – 8 Things Everyone Needs to Do
- Infoworld – getting your Infrastructure Compliance-Ready
- Helpnet Security – privacy awareness for GDPR
- UK Information Commissioner – Data protection self assessment
- Lewis Silkin – GDPR - 11 things you need to do in your workplace video
- The EU GDPR guide for data controllers
Was this article helpful?