This article is a one-stop shop for those looking to prepare for GDPR. It will show you why GDPR eLearning is the most effective way to create and maintain compliance.
What is GDPR?
Firstly, GDPR is the General Data Protection Regulation which is going to replace the Data Protection Act on 25th May 2018. It’s a regulation drawn up by the European Parliament, the Council of the EU and the European Commission. The purpose of the legislation is to strengthen data protection for everyone in the EU.
In addition, the new legislation will give people more say over organisational data well as improved transparency. Essentially, the EU has recognised the emerging digital economy and are trying to address this by tightening the rules.
What about Brexit?
Even after leaving the EU, the UK has committed to maintain our ability to securely and legally share data with other EU states. This means that all organisations need to be compliant in GDPR legislation despite the upcoming exit.
How does it affect my organisation?
Importantly, does your organisation handle customer data in some way? This could include keeping HR records, contact details or customer lists, just to name a few. If you do handle data, then your employees will need to be trained on GDPR legislation.
The legislation refers specifically to “special categories of personal data”. This is similar to the Data Protection Act, with some minor changes. It will affect how you collect, secure, storage and use personal information. The regulation states that it will only be bound to organisations with 250 employees or more. However, if your current processes aren’t in line with regulation, there is still a risk of getting caught out.
How can I train employees?
There are a number of ways to train employees on GDPR, but the quickest and easiest way is to deploy GDPR eLearning. This route is offered by many eLearning suppliers as a simple, trackable solution.
GDPR eLearning is an ideal way of bringing employees up to speed on the latest regulation for a few reasons:
- Efficiency – many companies have deadlines to get staff compliant before May 2018. Because of this, there is fairly tight turnaround to implement, complete and report on training. GDPR eLearning is one way of tackling this as the purchase and implementation is simple. Once in place, the course takes no longer than 1 hour to complete and other activities can be implemented to further test staff knowledge. This could include group discussions or policy documents to read and sign.
- Affordability – Some organisations may opt for GDPR F2F training, such as attending conferences, training sessions or hiring consultant. Whilst this could provide 1-2-1 discussions, GDPR eLearning is more affordable per head compared to F2F training.
- Reporting – What purpose is there in investing in GDPR training if you can’t evaulate if the new information has been taken into account? The advantage of GDPR eLearning is that, once on learning management system, you will be able to instantly track and assess compliance, especially when assessments are included.
- Fun – Unless you love data, it’s unlikely that GDPR training is going to excite your staff. If you offer GDPR eLearning, however, it can involve more engaging and interactive content.
A screenshot from our GDPR eLearning course showing the “What is GDPR?” page
What GDPR eLearning is available?
Learning Nexus have built a GDPR eLearning course built in Articulate Storyline. This software allows us to a modern and highly interactive course with gamification elements, such as quizzes.
The gamified eLearning course will last no longer than 1 hour and will cover: What is GDPR?; Key Terminology and Changes to Legislation; how employers preparing for GDPR; the benefits and consequences; how you can comply; governing GDPR and a final summary and assessment.
How does GDPR eLearning fit into my organisation?
Here, there are two options. Your organisation may already have a learning management system (LMS) which hosts other eLearning courses. If this is the case, you simply add the SCORM-wrapped course to your LMS to easily track progress and completion.
If you don’t have an LMS, Learning Nexus has several platform options to host your eLearning course. This could be our NexusComply solution which provides a 360° compliance tool for your organisation.
What are the consequences if staff aren’t compliant?
Due to the new legislation, Data Protection Authorities will have the power to enforce huge fines for breaches of personal data. The maximum penalty that can be applied for the more severe breaches is 4% of annual global turnover or 20 million euros (whichever is greater). For the less serious infringements, a 2% fine is applied. These consequences are much more severe than previous legislation which saw TalkTalk issued £400,000 in 2016 for failing to protect customer data in their cyber attack.
Another big change is the reporting of personal data breaches, which will become mandatory in May 2018. Organisations that deal with large amounts of data will also be required to have a Data Protection Offer (if they haven’t already).
Don’t panic
Although the May 2018 date is looming, don’t panic and choose the first training option that falls on your lap. Research and compare various options to determine what method suits your organisation’s GDPR learning needs best. Learning Nexus will soon have a demo of our GDPR eLearning game available, so fill in our contact form to register your interest and we will be in touch to organise your free demo in the New Year and provide you with further information.
A screenshot from the GDPR eLearning ‘user dashboard’ screen
What is Learning Nexus’ GDPR eLearning course like?
Our in-house instructional and graphic designers have been working alongside a range of our public and private sector customers to design an engaging and informative GDPR eLearning course.
The course is designed as a social media newsfeed, inviting users to navigate the areas to learn more about GDPR including:
- Learning objectives for the course
- What is GDPR?
- Key terminology
- How are employers preparing for GDPR?
- Benefits and consequences
- How you can comply
- Governing GDPR
- Summary
- Tracked final activity
Games and activities are weaved throughout the course, such as drag and drop interactions and hidden ‘easter eggs’ elements. This is to ensure fun and interactivity is injected into what could otherwise be a dry topic!
Contact us for more information about pricing or content, and to register for a demo of the course in January.