MetaBlog

Stay informed about cyber awareness training topics and mitigate risk in your organisation.

The GDPR Dream Team

So you are responsible for your organisation’s GDPR project. Imagine you had the option to choose the best people in your business to assist with the implementation of the GDPR regulation? You would select those individuals with the corporate standing and personal reputation for getting things done. All the hard decisions and agonising over remediation projects could be resolved in a fraction of the time. Everyone would participate in completing the data gathering and contribute diligently to establishing a baseline assessment of your organisations risk position in relation to GDPR.

Is this wishful thinking?

If the answer is yes, then your GDPR project is already experiencing troubles. Without the correct people on board, the task of achieving GDPR compliance will be unnecessarily difficult. GDPR is a change management project. It will change the way you do business in relation to personal data. From recent research it has been established that over 60% of all change management projects fail. Mainly as a result of under investment and lack of ownership amongst key stakeholders and business champions.

The first step to avoid these pitfalls and maybe acquiring that dream team is to provide the best possible training that you can afford. Ideally, good classroom based training is the gold standard. However it is time consuming and difficult to organise. Alternatively, high quality, role based eLearning will get the job done. You have to embed GDPR in the corporate consciousness. At the moment it feels like someone else’s problem for most of your co-workers.

But before you run off and start collecting information on data processing activities, get everyone in a room with a whiteboard. GDPR is different for every organisation as they all have different structures, history and business processes. Start working out what the most natural way of representing the hierarchy of your data assets. This could be by geography or by line of business. Find the one that suits you. Next comes the task of determining who the data processing champions are within this structure. This activity will also bring out the structure of the way you want staff to return information to you in order to collate everything in a manner that will allow us to determine trends.

about the author

sharing is caring

Share on linkedin
Share on twitter
Share on facebook

you might enjoy reading these

Data Security Breach

Why is a Data Security Breach a Boardroom Issue?

Data security breaches have long since left the domain of the IT department and now sit firmly at the boardroom table. In today’s evolving threat landscape, board members need to be aware of the implications of a security breach and to be ready to take positive action.
Read More »

Request Demo

The personal information that you provide to us in this form will only ever be used by MetaCompliance (as the Data Controller) for the following specifically defined purposes:

  • email you content that you have requested from us
  • with your consent, occasionally email you with targeted information regarding our service offerings
  • continually honour any opt-out request you submit in the future
  • comply with any of our legal and/or regulatory obligations

WEBINAR: 27th May 2021, 15:00 BST

The Data Breach Blame Game: Employees or Employers?