Privacy awareness checklist for GDPR readiness

A little more than a year out from its effective date of May 25, 2018, the General Data Protection Regulation (GDPR) is undoubtedly on the minds of many privacy professionals whose organizations handle the data of EU citizens.

In a nutshell, the GDPR is designed to strengthen and unify data protection for individuals within the European Union (EU). Perhaps more significantly, it also addresses the export of EU citizens’ personal data outside the EU. This means both Eurozone companies and those based in the U.S., for example, will have to comply with the regulation. And the regulation has teeth: fines for non-compliance can add up to $22 million or 4% of a company’s global annual revenue, whichever is greater.

Unfortunately, recent survey findings aren’t exactly a cause for hope. For one, a late 2016 survey from Dell found that a whopping 97 percent of companies had no plan in place to comply with the GDPR. Another survey found that 78% of IT decision makers at 700 European companies were unclear or completely unaware of GDPR requirements.

You’re likely to find gallons of digital ink spilled over the ins and outs of the GDPR, and organizations should have started planning months ago for what changes will be needed to comply.

I’d like to focus on a specific piece of the lengthy GDPR: the requirement for privacy awareness training. In technical terms, Articles 39 and 47 make “awareness-raising and training of staff involved in processing operations, and the related audits” a responsibility of the Data Protection Officer, or DPO.

Detailed requirements for such training are lacking. But that’s no reason to put any less focus on this aspect of GDPR compliance than on any other, or to hold off on thinking about how to train your employees until the last minute.

Employee awareness training is in my wheelhouse, so I’m offering the following five-step checklist designed to help you tackle the privacy awareness training requirement of the GDPR with ease.

When it comes to privacy awareness, you need to know what your employees don’t. Knowledge assessment surveys are perhaps the most direct way to measure what your employees know and don’t know about privacy best practices.

The design of such a survey can take many forms, but the questions should be geared toward those aspects of data privacy that could affect your organization the most. A good place to start is the GDPR itself – consider using the myriad requirements in the regulation as a guide. The regulatory requirements on data breach reporting or data processing, for example, are great fodder for surveys and subsequent training.

So now that you know what your employees don’t know, the next step should be to make a plan for a privacy awareness program that specifically addresses the knowledge gaps revealed in your survey.

You’ll want to use this information to identify a set of defined risks and desired behaviors to address in the training. By doing this, you stand a great chance of accurately measuring your ability to improve your risk posture through an effective training program. Such a program ensures your employees are getting relevant information delivered to them, in a variety of forms that include, but should not end with, conventional training.
