One of the words that appears most frequently on the ICO (Information Commissioners Office) website is ‘accountability’. The ICO says: “Accountability is one of the key principles in data protection law – it makes you responsible for complying with the legislation and says that you must be able to demonstrate your compliance.”
Reading the ‘training and awareness’ pages of the ICO website, each section discusses ways to meet the ICO’s expectations. The principal areas of training that the ICO expect from an organisation are:
- All staff training programme
- Induction and refresher training
The questions that follow from understanding the ICO expectations are clear:
- Have you got an information governance training plan?
- If you have, is it fit for purpose, in line with current UK GDPR requirements?
There are, of course, many reasons beyond the need to comply with ICO expectations, why data protection and UK GDPR training is beneficial to organisations. Empowering employees to participate in a culture of information governance aids with client acquisition and retention, as an example. Data subjects want to work with organisations that place a high value on privacy.
Furthermore, training focusing on responding to personal data breaches and subject access requests, ensures appropriate policies and procedures are followed. This mitigates the potential for any reputational damage that could be caused to the organisation, should the wrong approach be followed.
How can CSRB help?
The ICO makes it clear that a proactive approach to personal data management and privacy is vital. The ongoing training associated with it, is not only a matter of compliance, but sensible business risk management and is a vital part of an organisations business continuity plan.
CSRB has recently launched a ‘UK GDPR Refresher Training Course’ which is designed to increase awareness and understanding of your UK GDPR accountabilities and responsibilities. The course enhances your knowledge of UK privacy legislation and subsequent regulations.
The course provides the building blocks for a robust information governance framework, through focusing on the core UK GDPR data processing principles. The UK GDPR Refresher Training Course will add a new level of knowledge to your team’s awareness of data protection and will demonstrate the organisation invests in its people, both internally and externally.
How will the course work?
The training course will be hosted live by a certified data protection practitioner over three 90-minute online modules. The content covers the 12 key areas of UK GDPR relevant to organisations. It will use real world business examples and case studies to illustrate areas including:
- The 6 lawful bases for processing personal data,
- The roles of data controllers and data processors,
- The importance of the Data Protection Officer (DPO)
- Demonstrating compliance via marketing activities
There will of course be opportunities for questions and to check understanding of the learning, so senior leadership teams can be certain that a clear understanding of the expectations on the business regarding data protection has been achieved through attendance at the course.
The course is delivered online for several reasons, mainly as CSRB is passionate about protecting the environment, in addition to protecting people’s personal data. Each delegate that attends will be presented with a Certificate of Planting for a new tree! This is another commitment CSRB has put in place to ensure we place actions against our sustainable values.
Who should attend?
Business owners, directors, managers, and anyone fulfilling a data processor role. The course is specifically geared to those responsible for information governance or the marketing of your organisation.