An initiative has been launched to help businesses and organisations who are bracing themselves against the complexities of strict new data protection regulation in 2018. The introduction of the General Data Protection Regulation (GDPR) in May is likely to be most important consideration for the UK’s business community, and all organisations which hold personal data, this year.
Gilson Gray, one of Scotland’s most prominent law firms, has created an affordable online training programme to guide employees through the GDPR maze.
The programme, developed with leading UK training specialists Apex Training, is the first course of its kind that is City & Guilds accredited.
Businesses and organisations must comply with the GDPR requirement to protect personal data. GDPR gives consumers greater control over the data organisations may hold. Individuals can demand to know what information is held about them, who has been passed it and for what purpose the information is used.
Breaches can lead to a significant fine – either a maximum of €20million or four per cent of global turnover. It is also feared it could also lead to huge number of individuals making claims for compensation for breach of privacy.
Derek Hamill, Head of Corporate Law at Gilson Gray, said that although the deadline for compliance is looming, many businesses are unsure of what they need to do – or how to do it.
Derek, who holds a Masters in IT and Telecomms Law, said: “GDPR will affect every customer-facing organisation, yet the majority are unaware of the legislation with just a few months to the deadline for its introduction.
“No one should believe this is only of concern to big businesses. Virtually everyone – such as care homes, marketing firms and even hairdressers – holds data and so need to comply.
“GDPR raises the privacy bar. Organisations must be able to locate the personal date they use, understand its purpose and appropriately secure it — no matter where the data is stored or how it is shared. And they need to be sure they have consent when they use that data.
“This is not an IT problem. It is a cultural issue. While there is a need for urgent action at senior level, it is also important that staff at businesses and organisations know their responsibilities.
“Our GDPR training package provides a tool to give employees knowledge and understanding to comply with the new legislation.
“As well as being uniquely City and Guilds accredited and highly cost-effective, the training has been developed to combine the required legal know-how via Gilson Gray with the expert training skills of Apex Training.
“The training product also underlines the philosophy of how we do things at Gilson Gray, to be the best law firm in the country by constantly challenging convention and to seek new ways of working to improve the service we give to our clients.”
Justin Skelton, Managing Director of Apex Training, said:
“The GDPR training which we have developed working with Gilson Gray gives employers a huge amount of security because it covers all the critical aspects which staff need to know about on a daily basis and tests their knowledge at the end of the course. The City & Guilds accreditation means that the knowledge testing is extremely robust and demonstrates that the employer has been careful to ensure their people receive training which is thorough, effective and credible.
The e-Learning contains interactive and video elements which help to build learner engagement and bring the topic to life. So employees don’t just learn about GDPR – they are engaged and interested in how this affects them and the company they work for.”
The training course costs £179 +VAT per user. The hour-long course is undertaken at an individual’s desk which ends with an on-line exam, after which they get an e-mail confirming the exam results for audit trail purposes.
Gilson Gray has also created a Data Protection team, formed from its Corporate and Employment departments, to provide a strategic support and guidance service to businesses and organisations to navigate through the GDPR requirements.
Gilson Gray has also teamed up with GCI, the UK’s leading Managed Technology Service Provider, to run free half-day seminars in Edinburgh on how to prepare for GDPR. Click here for details on our next event.
The information and opinions contained in this blog are for information only. They are not intended to constitute advice and should not be relied upon or considered as a replacement for advice. Before acting on any of the information contained in this blog, please seek specific advice from Gilson Gray.