About this course
Hybrid working practices have been adopted by numerous employers in Northern Ireland following the COVID-19 pandemic. However, with many employees now moving between the office and home there is a greater risk of potential security breaches and the loss of confidential information. The remote working practices many organisations put in place at the start of the pandemic may now need to be adjusted as we make a more permanent move to a hybrid working world. This will require a significant shift in culture and the need to establish new ways of working.
If you have staff within your organisation who work between the office and home, it is crucial that they understand their responsibilities and obligations under data protection law. This means that they are better equipped to protect your organisation against a cyber attack.
This course isn't only designed for those that physically work remotely themselves. It's set in a broader range that although they may be in the office, they could have a colleague, supplier or client that is working remotely. This course is tailored specifically, to provide all your employees with comprehensive training and you with an evidence trail for the Information Commissioner’s Office (ICO), should a data breach occur.
What is GDPR?
The UK General Data Protection Regulation came into effect on 1st January 2021, and it sets out the key principles, rights, and obligations for the processing of personal data in the UK. It is based on the EU GDPR which applied in the UK before that date, with some changes to make it work more effectively in a UK context. In essence, it is designed to bring controls on how organisations process personal data into line with 21st-century developments, like social media, e-commerce, mobile data and the cloud.
Fines of up to £17.5m or 4% of your global turnover could be imposed. If you do not follow the GDPR you will be exposing your organisation to those massive fines and the public relations nightmare that is sure to follow. Your reputation could be ruined.
You can make your systems and contracts GDPR compliant, and you can bring your workforce up to date with all staff training. Data protection compliance training reduces the likelihood of data breaches at work and significantly strengthens your defence when dealing with the ICO.
What is hybrid working?
Hybrid working is a flexible working model which allows employees to work from a range of different locations, hybrid working blends the option of working from home with working in the office, or other public spaces.
Hybrid working can benefit employers and employees alike, it can significantly save office space and reduce resources, whilst helping employees develop a better work/life balance. However, it also presents challenges in relation to potential data protection and cyber security issues.
A hybrid approach brings a greater reliance on technology, this increases your company’s risk of cyber security vulnerabilities. That’s why it is essential for businesses to ensure their cyber security processes are suitable for this new way of working.
Employers need to educate, train and support all their staff, making them fully aware of how their digital behaviour can affect company security. According to a survey by the Ponemon Institute, 65% of business managers said it was easier to protect data when all employees worked in the office.
Why is data protection compliance training important?
Today’s technology is becoming increasingly more advanced which makes computer systems harder to penetrate. Hackers now rely heavily on human error.
Training is essential as an employee must comply with the law and understand the risks to the organisation’s reputation, the fines the organisation may face and their own personal risk of disciplinary action or even dismissal if they are involved in a data breach.
According to a study by IBM, human error causes 95% of cyber security breaches. Raising all your employee’s awareness through data protection eLearning training will help ensure compliance with the principles of GDPR and reduce the likelihood of data breaches caused by human error.
Who needs data protection training?
The ICO advises it is good practice to provide all staff with data protection training on or shortly after starting employment with regular refresher updates throughout their employment.
A recent report, ‘Cyber Security Breaches Survey 2021’, found that 83% of cyber breaches or attacks were phishing attacks – staff receiving fraudulent emails or being directed to fraudulent websites. The report also found that 4 in 10 businesses reported a cyber security breach or attack during 2020-2021.
Topics covered within the course include:
Why protecting data is important
The law relating to data protection
How to protect data in a hybrid world
How to protect against a cyber attack