Achieving GDPR compliance begins with staff training and education

The people in your organisation are at the core of your GDPR project. They know what data processing activities the organisation undertakes. But do they know their obligations, and those of your organisation, under the new European Privacy Regulation?
Staff awareness of these obligations holds the key for those looking to demonstrate compliance.

GDPR compliance begins with a Data Protection Policy for staff. Get started with your free policy template today.

Writing a new organisational policy is never easy. Where do you start? To set you on your GDPR journey, we have drafted a Data Protection Policy template that will help you establish GDPR compliant staff behaviours within your organisation.

What is GDPR?

The EU General Data Protection Regulation (GDPR) is a replacement for the current EU Data Protection Directive. GDPR is intended to strengthen and unify data protection for individuals within the European Union. The Regulation aims to restore the balance between the interests of the Data Subject and the Data Controller.

25th of May 2018 is the deadline.

From this date, GDPR will affect every organisation that processes EU residents' personal data. Being a Regulation, rather than a Directive, it requires compliance by all EU member states.

So what can you do between now and the point at which this Regulation comes into force? GDPR Readiness requires that you effectively engage, and work closely with, key business stakeholders to deliver a GDPR compliant business operating model. Our GDPR Implementation Guide describes the specific activities required to prepare your organisation for GDPR.

Fines & Penalties

Penalty breakdown up to 2% of annual turnover or 10,000,000

For offences related to:

  • Child consent.
  • Transparency of information and communication.
  • Data processing, security, storage, breach, breach notification.
  • Transfers related to appropriate safeguards and binding corporate rules.

Penalty breakdown up to 4% of annual turnover or 20,000,000

For offences related to:

  • Data processing.
  • Consent.
  • Data subject rights.
  • Non-compliance with DPR order.
  • Transfer of data to third party.

The lenient fines of the previous Data Protection Directive are a thing of the past. The fines mandated by the new Regulation could lead to insolvency or complete business closure. Under the new Regulation, breached organisations could face fines of up to 4% of annual global turnover or €20 million, whichever is greater. GDPR requires board level endorsement and top line management buy-in. Unlike other Data Protection regulations or legislation, significant effort must be dedicated to preparing for GDPR if your organisation is to achieve compliance.

It is crucial to use the first part of the GDPR two-year grace period to raise awareness among key decision makers. GDPR compliance will become increasingly difficult if this important preparation activity is delayed.

How to Implement GDPR

Establishing a workable structure for implementing your GDPR compliance strategy is fundamental for ensuring GDPR readiness. Our experts have created an implementation guide that provides an approach for establishing and maintaining GDPR compliance. That means we have done a lot of thinking for you in putting together a “Playbook for GDPR” that will take the headache out of kick-starting your GDPR project.