GDPR: 6 months to go

Posted by Jamie Armstrong

Anyone working with personal data, particularly in the European Union, will know that we are now just six months from “GDPR day” (as I have taken to calling it). On 25-May-2018, the EU General Data Protection Regulation (“GDPR”) will become applicable, ushering in a new privacy/data protection era with greater emphasis than ever on the rights of individuals when their personal data is used or stored by businesses and other organizations. In this blog post, I provide some general reminders about what the GDPR is and give some insight into Questionmark’s compliance preparations.

The GDPR replaces the current EU Data Protection Directive, which has been around for more than 20 years. To keep pace with technology advances and achieve greater uniformity on data protection, the EU began work on the GDPR over 5 years ago and finalized the text in April 2016. There then followed a period for regulators and other industry bodies to provide guidance on what the GDPR actually requires, to help organizations in their compliance efforts. Like all businesses that process EU personal data, whether based within the U.S., the EU or elsewhere, Questionmark has been busy in the months since the GDPR was finalized to ensure that our practices and policies align with GDPR expectations.

For example, we have recently made available revised versions of our EU OnDemand service and US OnDemand service terms and conditions with new GDPR clauses, so that our customers can be assured that their agreements with us meet data controller-data processor contract requirements. We have updated our privacy policy to make clearer what personal data we gather and how this is used when people visit and interact with our website. There is also a helpful Knowledge Base article on our website that describes the personal data Questionmark stores.

GDPR

One of the most talked-about provisions of the GDPR is Article 35, which deals with data protection impact assessments, or “DPIAs.” Basically, there is a requirement that organizations acting as data controllers of personal data (meaning that they determine the purpose and means of the processing of that data) complete a prior assessment of the impacts of processing that data if the processing is likely to result in a high risk to the rights and freedoms of data subjects. Organizations will need to make a judgment call regarding whether a high risk exists to require that a DPIA be completed. There are scenarios in which a DPIA will definitely be required, such as when data controllers process special categories of personal data like racial origin and health information, and in other cases some organizations may decide it’s safer to complete a DPIA even if not absolutely necessary to comply with the GDPR.

The GDPR expects that data processors will help data controllers with DPIAs. Questionmark has therefore prepared an example draft DPIA template that may be used for completing an assessment of data processing within Questionmark OnDemand. The draft DPIA template is available for download now.

In the months before GDPR day we will see more guidance from the Article 29 Working Party and national data protection authorities to assist organizations with compliance. Questionmark is committed to helping our customers being compliant with the GDPR and we’ll post more next year on this subject. We hope this update is useful in the meantime

Important disclaimer: This blog is provided for general information and interest purposes only, is non-exhaustive and does not constitute legal advice. As such, the contents of this blog should not be relied on for any particular purpose and you should seek the advice of their own legal counsel in considering GDPR requirements.

Questionmark Conference 2018 – Registration is Open!

Posted by Brian McNamara

We are excited to announce that registration for Questionmark Conference 2018 is now open!

Questionmark customers will gather March 6th – 9th in Savannah, Georgia, for three days of learning, networking and professional development opportunities.   Whether you are a new user or a pro, Questionmark Conference is the ideal place to get vital information, insight and learning about the latest assessment technologies.

Join us at the Westin Savannah Harbor to enjoy southern hospitality with your peers and the Questionmark team to:

  • Learn about new Questionmark features and functions
  • Attend engaging hands-on product training sessions
  • Network with fellow Questionmark users
  • Get valuable tips, insights and best-practice guidance
  • Plan for the future with a sneak peek at the product road map

Registration is now open at special early-bird rates. Visit the conference website today for details!

Questionmark Conference 2018: Assess for Success | March 6-9 in Savannah

GDPR is coming. Are you ready?

Posted by Julie Delazyn

Don’t get left behind as the most important change in data privacy takes effect May 2018. The new General Data Protection Regulation (GDPR) intends to strengthen and unify privacy and data protection and any organization that stores or manages data about Europeans will need to comply.

With eye-watering regulatory fines of up to €20 million or 4% of global annual turnover (whichever is greater), a credible compliance strategy is essential.

Join us for a FREE 45 minute Webinar July 26, 2017, to understand how online assessments can help you meet your GDPR challenges.

The webinar will cover:

  • What the GDPR is and who it impacts
  • Why you should care about GDPR compliance
  • How to overcome the challenges presented by GDPR — including the learning curve for your employees
  • How assessment can help mitigate GDPR risks and aid your compliance strategy
  • Considerations for implementing assessment management software to aid in compliance

We look forward to speaking to you at the webinar!

How to use assessments for GDPR compliance

Posted by John Kleeman

In about a year’s time, on 25 May 2018, a major new European law, the GDPR, comes into effect. It will update current laws and set new requirements for handling personal data. The GDPR will replace country-specific current data protection laws and will impact any organization anywhere in the world that stores or manages data about people who live or work in Europe. With implementation of the GDPR just a year away, organisations need to prepare themselves now to implement it.

This post explains how an online assessment management system like Questionmark can help your organization comply with the GDPR. We also invite you to a free webinar where you can learn more about how assessments can help you comply.

What will be the fines for failing to comply with the GDPR?

European regulators are suggesting that those who don’t comply will face large fines. The law itself says that fines can be up to €20 million or 4 percent of turnover (whichever is more). The Irish data commissioner has said that there will be no leeway or grace period, and that noncompliant firms will be heavily fined — this under a data protection regime generally considered to be more business-friendly than those in some other countries. Some European regulators are also preparing the ground by issuing high fines under existing data protection regulations. For example, the Italian Data Protection Authority has just issued an €11 million fine.

What is the learning challenge for GDPR?

The GDPR has specific requirements for training personnel and for monitoring the effectiveness of the training. In addition, most companies will be incentivized to train their employees to ensure that personnel understand the GDPR and their own company policies/procedures – since failing to follow the rules will make companies liable for fines.

The GDPR legislation is 88 pages long and the rules are complex. Within most companies, many different departments will be responsible for handling and processing data: HR, IT, sales and marketing, technology and product development and more. All these departments will need to climb the learning curve to know and understand how the GDPR applies to them.

Thus, a key part of the compliance challenge for GDPR will be ensuring that your personnel learn and understand the rules.

How assessments can help

An assessment management system like Questionmark’s lets you:

  • Create quizzes, tests and exams on the GDPR’s or your company’s policies and procedures
  • Deliver them to personnel at home, work or on mobile devices
  • Analyze the results to help you find weaknesses or potential problems
  • Store the results as trustable evidence that your people understand

Trustable, online assessments can help in many ways with GDPR compliance.  They are the best way to help ensure your employees understand the rules and to reduce the likelihood of mistakes that lead to fines. Assessments are also the best way of providing evidence that you did train your personnel well. This evidence could mitigate the amount of a fine, in the event of a privacy misstep.

Questionmark’s webinar

To help you understand more about how online assessments can help you meet your GDPR challenge, we invite you to a webinar presented by myself and Questionmark’s UK Marketing Manager, Chloe Mendonca on Thursday 29th June, 2017.

The webinar will cover:

  • What the GDPR is and who it impacts
  • Why you should care about GDPR compliance
  • How to overcome the challenges presented by GDPR — including the learning curve for your employees
  • How assessment can help mitigate GDPR risks and aid your compliance strategy
  • Considerations for implementing assessment management software to aid in compliance

We look forward to speaking to you at the webinar. Click here to register.

GDPR Webinar Image

 

Want to enhance exam integrity? Need to ensure compliance? Then don’t miss these webinars!

Posted by Chloe Mendonca

Proxy testing … Cheating …. Content theft. Does the battle ever end? The techniques and technologies being used to compromise the integrity of your test programs are complex and continually evolving. Many organisations are increasingly turning to online proctoring solutions.

Research shows that when properly applied, online proctoring can be as or more effective than traditional test centre proctoring. Besides reducing security risks, it provides test takers the convenience of taking tests from their homes, workplaces or colleges. It also reduces costs not only for administrators but also for test takers. Consider for a moment the testing fees, travel, parking, and the simple time away from work or studies.  In addition to online proctoring’s effectiveness one of the most exciting things is that this approach has the potential to grow as technology becomes more advanced and widespread.

Before implementing online proctoring, organisations should approach with caution, not all online proctoring services are equivalent. While some are designed with high-stakes tests in mind others can actually increase the risk of cheating. So what do you need to consider? What should you be wary of? Is online proctoring suited to your organisation or institution? Join Questionmark for a 45-minute webinar answering these questions and more.

Register for: Enhancing Exam Integrity with Online Proctoring

Online Proctoring is only a small part of achieving exam integrity. For those less familiar with Questionmark’s end-to-end Assessment Management System, find out how security is embedded at every stage of assessment development in our 60-minute demo. Discover the features and functions available to help you securely create, deliver and report on your surveys, quizzes, tests and exams in our introductory webinar. Note, we are also holding this webinar in Dutch.

Register for: An Introduction to Questionmark’s Assessment Management System

Or for organisations working in sectors that demand compliance, learn about 7 ways that assessments can enhance your eLearning and compliance strategy and best practices for using them in our 30-minute German webinar.

Register for: Warum und wie Sie Compliance-Prüfungen nutzen sollten

 

Reminiscing about Santa Fe: Presentations, pictures & the weird and wonderful art house

Posted by Chloe Mendonca

After eagerly looking forward to Questionmark’s most important annual learning event for months, it was over before we even knew it! The Questionmark Conference gave all of us three special days to meet so many of our globally dispersed customers and employees face to face, learn best practices, have fun with one another and discuss new ways to leverage Questionmark’s technologies.

This year I was fortunate enough to be there, and a big highlight was getting a deeper understanding of how others are using Questionmark’s technologies. From our evening networking events to our stimulating panel discussion — which brought together experts from the US State Department, Caterpillar Inc., Scantron and Compass Consultants to discuss best practices for making data work within learning and assessment programs — to more specific breakout sessions, our guest speakers did a wonderful job of sharing lessons learned and best-practice tips.

Todd Horner from Accenture, for example, hosted a great discussion, “Taking the Migraine out of Migration: Accenture’s journey to next-gen authoring.” He spoke about the shared “fear of the unknown” and how to get around change-management challenges. Lauri Buckley and Lindsey Clayton from Caterpillar Inc, delivered an impressive presentation, “A Process to Mastery: Assessments as career development tools,” during which they shared valuable tips about how to effectively design and develop various types of competence assessments, from proficiency tests to validation and observational assessments. You can get the handouts from these presentations and more right here.

For those who couldn’t be there in person, we webcast selected conference sessions — hitting record numbers online. If you joined us for the webcast, got a sense of the Questionmark Conference atmosphere and want to join us in person next year, keep your eyes peeled for our dates and location announcement coming to the blog in the next few months. See the recordings of our selected webcast sessions at: www.questionmark.com/go/2017uconwebcast (Please note you must be logged into the website with your Questionmark username and password).

I’d like to take this opportunity to say a big thank you to all of our wonderful speakers for taking the time to share their knowledge. Without them there would be no conference!

Now for the bit you’ve all been waiting for… conference pictures! To all those who went back to the office struggling to describe the weird and wonderful art house that is Meow Wolf’s House of Eternal Return, hopefully these snaps will make things a little easier 😊  View conference and evening event pictures here on our flickr page.

What did you enjoy most about Questionmark Conference 2017? Leave me a comment below and stay in touch!


Just in case you missed it…

John Kleeman, Questionmark’s Founder & Executive Director reported back 6 good practice tips heard in Santa Fe.

Next Page »