GDPR and the Data Protection Act 2018 (when passed) will be new.
An organisation must comply with the six principles; the regulation and the Act. There are also other laws to consider such as the privacy regulation that deals with electronic marketing. Organisations should ensure that those employees who process personal data know the law and fully understand your in-house policies and procedures.
If you are a data processor then your employees are legally obliged to commit to confidentiality.
In addition, employees are often the weakest link when it comes to cyber security.
We offer bespoke training in the following areas (and more):
Threats to information e.g. phishing, vishing, malware, mandate fraud – and how to keep information safe.
Rights of employees/ customers under GDPR
Your contracts with data processors
Personal data breach incident management
For further information please contact us.