The General Data Protection Regulation (GDPR) requires organisations to train staff on everything from consent and data retention to the rights of individuals.
Employees in certain high-risk positions need an in-depth understanding of lawful bases, dealing with Subject Access Requests and data protection impact assessments.
Our library of general and specialised e-learning courses provides a complete GDPR compliance training solution.
The courses in this library were updated to coincide with the anniversary of the introduction of the regulation.
Our library of general and specialised eLearning courses provide a complete GDPR compliance training solution.
The key to GDPR compliance lies with people, not just systems, so it is critical that all staff understand and adhere to GDPR. In this GDPR training course, staff can learn about the principles of privacy and data protection, and how to apply them in practice.
Available in all major European languages.
Once your employees have been trained on the requirements of the GDPR in relation to personal data, they still rely on their managers to help them comply with the rules.
This course will teach your managers about data protection principles, individual rights, breaches and best practices to enable them to guide their teams.
Under the GDPR, the security of personal data is absolutely critical for your business, and the consequences of information being lost or stolen are severe. Here your employees will learn the steps they should take to keep your systems, network and personal data secure.
Under the GDPR, businesses are required to implement and continually improve protection for personal data. While you may need to improve online data security, many of the risks of exposing personal data come from everyday situations. This course provides some simple steps to improve data security and help your compliance with the GDPR.
Whether you are sending an email, instant message or responding to an online enquiry, the convenience of using electronic communications also comes with risks. All communications with individuals are personal data and they can contain the personal details of other individuals. All this personal data is now afforded protection under the General Data Protection Regulation (GDPR). This course will help your employees to learn how to communicate professionally while still safeguarding personal data.
Social media gives your employees the opportunity to engage, network and communicate both internally with colleagues and externally with customers, suppliers and partners. However, much of the content on social media is personal data, and it must be protected under the General Data Protection Regulation (GDPR). Here your employees can learn how to protect personal data on social media and comply with the GDPR.
Payment Card Industry Data Security Standard (PCI DSS) is the information security standard for organisations that process credit card payments. It can act as a tool for implementing technical measures for compliance with the General Data Protection Regulation (GDPR). This course will help your employees to understand what it takes to comply with PCI DSS.
All parts of your business will deal with personal data and the processing of such data is protected by GDPR. Therefore, all employees need to have a basic awareness of this regulation and refresh their understanding periodically. This micro-learning module is ideal for revising what you need to know about the GDPR.
The GDPR requires companies to adopt the accountability principle and institute comprehensive and proportionate governance measures. Although you may not be personally responsible for these, you should be aware of these measures, including impact assessments, privacy by design, and measures to minimise the risk of data breaches.
Consent is one of the lawful bases for processing personal data that are provided by the GDPR, but the regulation sets a high standard for it. Genuine consent should put individuals in charge, build their engagement and enhance our reputation. Learn how to obtain and maintain individual consent that meets the regulatory standards.
Cybercrime poses a real and imminent threat to the personal data that we hold and are obliged to protect under the GDPR. The weakest link in all cybersecurity measures is people, and how we use passwords, plug-in devices and network access. Learn how you can take some simple steps to protect yourself against cybercrime.
We are required to conduct Data Protection Impact Assessment (DPIA) to understand and minimise data protection risks before we launch new processes, products, technologies or services, or undertake any processing that presents a higher level of risk to data subjects. Learn how DPIAs are conducted and how to utilise them appropriately.
You've seen scores of phishing emails and probably think that you're immune to them by now, but beware - not only do they work, but they account for a majority of the cases of criminals gaining access to corporate networks. Learn how you can take some simple steps to avoid being phished.
The GDPR provides several rights to the individual subjects of personal data. Failure to respect these rights can result in severe fines and sanctions. Learn about these rights in-depth and what you need to do in relation to them.
The GDPR restricts transfers of personal data outside the EEA unless the data is protected and the rights of the individuals are respected in another way. Learn about these restrictions and when 'restricted transfers' are permitted.
The GDPR requires us to have a lawful basis for each given purpose of processing. Without establishing and identifying a lawful basis, it is illegal to process personal data. Learn what the lawful bases are and which is most appropriate for your situation.
Legitimate interest is one of the lawful bases for processing personal data that are provided by the GDPR, and it's the most flexible one. However, it's also the one that requires the most careful consideration and balancing of our interests against the individual's interests, rights and freedoms. Learn how to establish whether legitimate interests is the most appropriate for your situation.
The GDPR introduces the duty for us to report certain types of personal data breaches to the supervisory authority. Learn how we should detect, record, and notify such breaches.
The GDPR provides six basic principles of personal data processing, including the need for a lawful basis, purpose limitation, data minimisation, accuracy, storage limitation and data security. Any breach of these principles is deemed to be a grave violation of the GDPR. Learn about these principles and what it takes to comply with them.