Data Protection Employee Awareness

Data Protection is changing – do your employees know their responsibilities…? Awareness Training is Critical!

What is the awareness level in your organisation on how GDPR affects your business? The EU Data Protection Regulation (GDPR) replaces the EU data protection directive 95/46/EC and is designed to harmonise data privacy laws (e.g. the UK’s Data Protection Act and Germany’s Bundesdatenschutzgesetz) across Europe, to protect and empower all EU citizens’ data privacy and to reshape the way organisations across the region approach data privacy.

GDPR doesn’t just affect EU businesses but any business in the world that processes personal data on EU citizens. Failure to comply could result in fines of up to EUR 20 million or a whopping 4% of your organisation’s GLOBAL annual turnover – which may be quite a lot!

So, to help ensure you don’t fall foul of this legislation, here are the key awareness items you need to know to keep yourself on the right side of it!

Click here to access the GDPR Course on Udemy

What will you learn?

  • Understand the implications of failing to comply with the General Data Protection Regulation
  • Understand the General Data Protection Regulation 6 Principles
  • Understand the Principle of Consent
  • Understand what constitutes Personal Data
  • Understand the Rights of a Data Subject
  • Understand your likely role in a Subject Access Request (SAR) scenario and the time limit for response
  • Understand the requirements for notification should a data breach occur
  • Understand the purpose of a Data Protection Impact Assessment (DPIA)

Considering Data Protection as a Service?

If you haven’t already started your awareness programme, consider DPO as a Service. DPO as a Service is for those organisations that don’t have the headroom to employ a Data Protection Officer, or for those organisations which cannot identify a person who doesn’t have a conflict of interest (e.g. DPO tasks conflict with their day-to-day activities). The authors of GDPR understand this can happen and so permit a third party to carry out the role of the Data Protection Officer in the form of a Service Contract.

Contact Fox Red Risk for more information