The GDPR is an EU regulation designed to strengthen the protection of personal data. It also addresses the export of personal data outside the EU.
By the time GDPR comes into play next year the UK will not have left the EU, however post-Brexit there’s a common agreement that it will be retained in effect because of the positives for consumer data protection. The regulation will apply if:
Which means GDPR still applies for organisations that are outside the EU, if they are controlling or processing personal data about an EU resident.
The GDPR applies to all organisations that store, process or transfer personal data – this applies then to most businesses and public bodies.
That means you and your organisation must be GDPR compliant.
If you haven’t yet thought about a GDPR plan for your business then now is certainly the time to start. Here are a few tips on getting organised
Identifying the ways your company uses data is certainly a step in the right direction, and it could be a good idea to set up an internal ‘GDPR team’ with a representative from all departments that use data. This will allow you to:
1 | establish data protection policies
identify all the ways your company handles data and put together policies for data compliance.
2 | appoint a data protection officer – DPO
if your company is involved in large scale monitoring of individuals’ behaviour or large scale personal data processing of sensitive personal data, or if you work for a public authority, you will need to appoint a DPO. It will be their job to manage all the personal data protection systems and processes the organisation has put in place to protect individuals’ personal data.
3 | sign up to an approved code of conduct
signing up to one of these isn’t obligatory, but you may want to consider it as a way of demonstrating compliance. They set standards for an organisation to meet in terms of safe personal data processing.
Providing GDPR training ensures all of your staff have the information to understand the GDPR. Learning Pool’s GDPR compliance module demonstrates how your organisation and staff can ensure compliance and avoid heavy penalties. All employees are responsible for compliance, and it’s very important that they’re aware of this. This course will highlight how they can help protect people’s personal data.
Upon completing this course your learners will be able to define the key elements within GDPR, understand the penalties, know the importance of consent, how they play a role and what to do in the event of a personal data breach. Key learning within this module is categorised into five articles focusing on:
1 | the GDPR: what you need to know – the basics of GDPR, why it’s important, and defining personal data, data processor and data controller. This also covers the penalties and consequences of noncompliance.
2 | data-handling rules – how individuals must give consent for their personal data to be used, guidelines for personal data processing and transfer as well as children’s personal data in the GDPR.
3 | organisational responsibilities – learners will be able to list an organisation’s responsibilities under the GDPR, be accountable and meet requirements such as appointing a Data Protection Officer.
4 | data breaches – identifying what a personal data breach is, how they can occur and what to do in the event of a breach under the GDPR.
5 | quiz – finishing up with a final quiz for the learner, where they will have gathered ‘top tips’ as they progressed through the modules, and can use them to help answer the questions.
Read more from Learning Pool now by visiting our Learn & Connect section.
To find out more about getting your staff ready for GDPR, try our demo module for free.
Get started by telling us what you need and one of our team will be in touch very soon.
+44 207 101 9383
US +1 857 284 1420
+44 345 074 4114*
US +1 844 238 5577
* call charges vary depending on your provider