How to use assessments for GDPR compliance
Posted by John Kleeman
In about a year’s time, on 25 May 2018, a major new European law, the GDPR, comes into effect. It will update current laws and set new requirements for handling personal data. The GDPR will replace current country-specific data protection laws and will impact any organization anywhere in the world that stores or manages data about people who live or work in Europe. With implementation of the GDPR just a year away, organizations need to start preparing now.
This post explains how an online assessment management system like Questionmark can help your organization comply with the GDPR. We also invite you to a free webinar where you can learn more about how assessments can help you comply.
What will be the fines for failing to comply with the GDPR?
European regulators are suggesting that those who don’t comply will face large fines. The law itself says that fines can be up to €20 million or 4 percent of turnover (whichever is more). The Irish data commissioner has said that there will be no leeway or grace period, and that noncompliant firms will be heavily fined — this under a data protection regime generally considered to be more business-friendly than those in some other countries. Some European regulators are also preparing the ground by issuing high fines under existing data protection regulations. For example, the Italian Data Protection Authority has just issued an €11 million fine.
What is the learning challenge for GDPR?
The GDPR has specific requirements for training personnel and for monitoring the effectiveness of the training. In addition, most companies will be incentivized to train their employees to ensure that personnel understand the GDPR and their own company policies/procedures – since failing to follow the rules will make companies liable for fines.
The GDPR legislation is 88 pages long and the rules are complex. Within most companies, many different departments will be responsible for handling and processing data: HR, IT, sales and marketing, technology and product development and more. All these departments will need to climb the learning curve to know and understand how the GDPR applies to them.
Thus, a key part of the compliance challenge for GDPR will be ensuring that your personnel learn and understand the rules.
How assessments can help
An assessment management system like Questionmark’s lets you:
- Create quizzes, tests and exams on the GDPR or on your company’s policies and procedures
- Deliver them to personnel at home, work or on mobile devices
- Analyze the results to help you find weaknesses or potential problems
- Store the results as trustable evidence that your people understand
Trustable, online assessments can help in many ways with GDPR compliance. They are the best way to help ensure your employees understand the rules and to reduce the likelihood of mistakes that lead to fines. Assessments are also the best way of providing evidence that you did train your personnel well. This evidence could mitigate the amount of a fine, in the event of a privacy misstep.
To help you understand more about how online assessments can help you meet your GDPR challenge, we invite you to a webinar presented by me and Questionmark’s UK Marketing Manager, Chloe Mendonca, on Thursday 29th June, 2017.
The webinar will cover:
- What the GDPR is and who it impacts
- Why you should care about GDPR compliance
- How to overcome the challenges presented by GDPR — including the learning curve for your employees
- How assessment can help mitigate GDPR risks and aid your compliance strategy
- Considerations for implementing assessment management software to aid in compliance
We look forward to speaking to you at the webinar. Click here to register.