Oliver Price’s Weekly GDPR Blog #22 – Get your house in order!

This week I am starting in-house training at my firm, Wansbroughs solicitors. The focus for this is to ensure that everyone is ready for the arrival of the GDPR on the 25 May 2018. With less than three months to go, this is a good time to deal with it.
I have heard very different stories about training from a wide range of businesses and organisations. As with much of the GDPR the approaches are very polarised. Some organisations are conducting sessions with all staff lasting a whole day or more. Others are not doing any training at all. I prefer that there is training for all, but at a relevant, practical and not over-detailed level.
My training sessions last about an hour and we have 100 staff divided into seven teams. In my view most of the important messages about the GDPR can be delivered within one hour and it is probably too dry a subject to go on about for more than a couple of hours. I will also want to gather in as much feedback as possible about where my staff see that we can improve our data management and systems
The other point is why bother at all? In reality any organisation that ever has a data breach will know the Information Commissioner is interested in how that organisation has behaved leading up to the breach. Systematic and organised training is regarded as good data behaviour and so carrying out training and keeping a record will help you should you have to face the ICO after a breach has been notified to her.
12 March 2018

Last updated 12/03/2018