If you look someone up on Facebook or LinkedIn, you’ll be able to gather huge amounts of information about them without them ever knowing. Until recently, nobody seemed to think about the risks involved; it was just the way things were, and if you didn’t get on board, you were left out from a whole virtual world.
But thanks to the recent Facebook data scandal and the introduction of the EU GDPR (General Data Protection Regulation), more people seem to be thinking twice about giving their information away so readily.
A survey conducted by 3GEM and SAS in June 2018 found that 43% of respondents wanted to remove their personal data from social media. Additionally, two thirds said they plan to:
- Deny organisations permission to share their personal data;
- Reduce the amount of data they personally share; or
- Review how companies use their data.
How the GDPR helps
As part of this, individuals must be told how their information will be used. Registered users should be given the option of updating or removing personal data.
Is your organisation prepared?
Any organisation within the GDPR’s scope needs to be ready for when individuals exercise their rights. Policies and procedures need to meet the Regulation’s requirements, and staff must be prepared for when they receive DSARs (data subject access requests). This is the technical term for when individuals query the organisation’s data collection policy.
DSARs might come by way of formal requests – perhaps an email with ‘DSAR’ in the header – or they could be informal. You might be in the middle of a conversation with someone and they ask to see what data of theirs is being held; this counts as a DSAR.
As such, anyone in your organisation who interacts with customers must be prepared for requests and know how to respond. They therefore need to be familiar with the GDPR, which means organisations should consider enrolling their staff on awareness courses.
GDPR staff awareness training with IT Governance
We are experts when it comes to the GDPR, having helped thousands of people learn about the Regulation and gain relevant qualifications. Your everyday staff don’t need to be GDPR experts, but they do need to be taught by them.
That’s why you should consider our GDPR Staff Awareness E-learning Course. It takes the essentials of the Regulation and explains it in a way that’s easy to understand for those who might not have previous data protection knowledge.
The course can be completed in 45 minutes, and as an e-learning module, it can be taken at a time and pace that suits your employees.