Is your GDPR compliance strategy as effective as it should be?
- On 30th August 2018
Results from some of the most recent post-GDPR surveys might make disturbing reading for many UK businesses that have been slow to implement a GDPR readiness strategy, or have yet to make any provision for GDPR compliance.
Firstly, complaints to the data protection watch dog, the ICO, between 25th May and 3rd July have more than doubled since the same period last year, this according to a Freedom of Information request filed by law firm EMW.
Secondly, according to a survey compiled by Imperva, the cybersecurity authority, there is a suggestion that many organisations are still unsure if they comply with the General Data Protection Regulation and would fail a GDPR audit.
With fines rising from a maximum £0.5M to 20M Euros or 4% of annual global turnover (whichever of both is the highest) this may be the time to sit up and take action, yet according to a survey by security firm TRustArc, 27% of UK businesses have yet to reach the implementation phase of a compliance strategy and 25% do not expect to be GDPR compliant until 2019.
GDPR isn’t just a legislation for global enterprises, it affects the way that any business collects, processes, uses, stores and protects people’s personal data. Furthermore, businesses are now legally required to notify the local data protection authority of a data breach within 72 hours of it being discovered. It is perhaps alarming to learn that in the first full month of GDPR enforcement, the number of self-reported data breaches had increased approximately five fold on the previous month according to the ICO.
Since the beginning of the year, eAlliance Learning has worked with a variety of multi-sector organisations, ranging in size from 25 – 1,000+ staff, to provide GDPR training as part of their ongoing compliance implementation strategies. So far we have enabled GDPR training for nearly 4,000 employees, either through our own online learning platform, or working in partnership with our learning technology partner, Unicorn Training, to provide custom LMS and training solutions.
We recognise that whilst general GDPR awareness is an organisational requirement affecting everybody there are elements that are also role specific, so in addition to providing off-the-shelf training we consult with employers to create custom GDPR learning pathways.
Our workplace training and cyber security awareness courses cover a range of core GDPR, information security and online safety themes. All our resources are developed in conjunction with data protection, information security and legal experts and include diagnostic assessments, video and short eLearning courses, case studies and extended study materials with knowledge tests. There are also downloadable fact sheets and workplace implementation tasks for information reinforcement and practical application.
John Baxter Director