Data Protection Awareness eLearning
Data protection has never been more important. In the past few years, a number of countries have updated and enhanced their data privacy laws – in particular, the European Union’s ground-breaking General Data Protection Regulation (GDPR) has strengthened protections in relation to personal data and increased the potential penalties for breaches of the law.
In addition, individuals are becoming increasingly aware of their personal data and how it is being used, so it is vital that organisations get it right - personal data should always be handled in a way that is fair and provides the appropriate degree of privacy.
Training on the regulations is vital for staff – everybody needs to be aware of what is expected in relation to personal data and there is an ever-present danger of reputational damage and significant financial penalties for breaches.
This eLearning module puts the data protection law and regulations into context, highlighting the core requirements in a way that is sufficiently comprehensive and practical to be suitable for all staff needing training on their purpose and impact.
Who is this for?
This course is suitable for all staff. Other versions of this data protection eLearning module are also available to reflect the laws of the relevant jurisdiction (such as the DIFC or the ADGM).
The training module will take around 40 minutes to complete, and is made up of 8 subsections:
- The aim of the Law
- Why it is necessary
- Who it applies to
- When it applies
The principles of the Law:
- Lawful, fair and transparent processing
- Purpose limitation
- Data limitation
- Data subject rights
- Data retention period
- Data security
Lawful Processing (incl consent)
- The main instances that provide organisations with the legal basis they require
- What makes consent valid
- Right to be informed
- Right of access
- Right to rectify
- Right of erasure
- Right to data portability
- Privacy by design
- Data protection impact assessments
- The Data Protection Officer (DPO)
- High risk processing activities
Breaches and notifications
- Notification requirements of a personal data security breach
- Restriction on the transfer of personal data outside of the DIFC except in limited circumstances
- The limited circumstances in which personal data may be transferred
- 10 multiple choice questions
See examples taken from a range of our eLearning courses in the gallery below.