GDPR training

Training dedicated to processing staff.

Need

This Friuli-based company - which specialises in packaging solutions and has an upwards turnover of over €80 million - set out the need to train its employees to operate in compliance with the principles enshrined in European Regulation 2016/679. According to Art. 29 of the GDPR, Data Controllers  are required to ensure their employees appointed as data processors undergo appropriate training based on the role and duties they perform.
This training contributes to increasing the Data Controller's accountability.

Solution

The training was divided into three stages. The first stage was dedicated to illustrating and clarifying the regulatory principles underlying the 2016/679 European Regulation. The second was tailored to the specific needs of the company and its business, while the third focused on the practical aspects of each area involved in the processing of personal data relating to natural persons (HR, administration, marketing, IT), ending with a simulation-based workshop involving the management of real cases and a final test on the skills acquired.
For employees responsible solely for processing small amounts of basic data, the e-learning mode was chosen; available on the Privacy Lab platform, this option consists of a 2 hour video lesson exploring the basic principles of the legislation and providing practical tips. At the end of the two hours, the operators sat a final test to check the skills acquired.

Benefits

• Raised awareness among the staff, which led to faster response times to enquiries from outside on data protection issues.
  
• Lower risk of engaging in misconduct and consequently lower risk of exposure to sanctions.
  
• Higher level of accountability means greater protection for the company.