Who needs to be trained? GDPR eLearning
02
Contents 1)
Our Journey to GDPR
Paddy McGovern Head of Content Strategy
2)
GDPR Briefing for Learning Professionals
3)
Expert Interview – Designing GDPR Training
4)
What Happens Next
Dublin, Ireland
Neil Cullen Director, Compliance Learning Dublin, Ireland
03
Our Journey Who We Are
Adding GDPR
www.interactiveservices.com/compliance
04
24 Years of Award Winning Global Learnin Our Firm at a Glance
GLOBAL CLIENTS GLOBAL CLIENTS 100+ STAFF WORLDWIDE 100+ STAFF WORLDWIDE COMPLIANCE TRAINING EXPERTS COMPLIANCE TRAINING EXPERTS
80+ essential compliance topics Available in multiple languages Customize every screen Refreshed annually Guaranteed LMS Integration Mobile ready
UNLIMITED ENTERPRISE LICENSE www.interactiveservices.com/compliance
Anti-Harassment & Discrimination
Anti-Bribery & Corruption
Information Security
Healthcare Compliance
Trade Compliance
•What are Anti-Bribery & Corruption?
•What is Information Security?
•Who Are Healthcare Providers?
•What is Harassment?
•Export Compliance
•What is Discrimination ?
•What is Fraud?
•Consequences of a Data Breach
•Interacting with Healthcare Providers
•Export Control Red Flags
•What is Retaliation?
•Email and Messaging
•Marketing Best Practices
•Impact of Harass. & Disc.
•Consequences of Bribery & Corruption
•Welcome1 is not a Password
•Taking Action
•Protected Groups & Harassment
•High Risk Activity
•Secure Social Media
•Interacting with Patients & Advocacy Groups
•Sexual Harassment
•High Risk Locations
•Sexual Orientation & Gender Identity
•Cash, Gifts and Entertainment
•Sanctions and Embargoes
Supply Chain Compliance
•Protect the Workplace
•Adverse Events
•What is Modern Slavery?
•Secure Out of the Office
•HIPAA Basics
•Social Engineering & Cybercrimes
•Clinical Trial Transparency
•High Risk Countries & Industries
•Intent vs. Perception
•Tactics to Prevent Bribery & Corruption
•Taking Action
•Preventing Modern Slavery
•ADA
•Books & Records
•Taking Action
•Taking Action
•Politically Exposed Persons
Manager Expansion Pack •Preventing H&D •Recognizing H&D •Managing H&D
•Taking Action
PCI DSS
Data Privacy
•What is PCI DSS?
•What is Data Privacy?
•Sensitive Data & Vulnerable Areas
•Taking Action Intellectual Property & Trade Secrets •What is Intellectual Property (IP)?
Anti-Money Laundering
•Protecting Data
•What is Money Laundering?
•Handling & Storing Data
•What is Terrorist Financing?
•Protecting Confidential Information
Ethics in the Workplace
•Consequences of Money Laundering
•Handling Sensitive Information
•Taking Action
•Business Ethics
•Placement, Layering, Integration
•Storing Data
GDPR
•Gifts & Entertainment
•Tactics to Prevent Money Laundering
•Disclosures
•What is the GDPR?
Insider Trading
•What are Records? •Records Retention
•The GDPR in Action?
•What is Insider Trading?
•International Data Transfers
•Working with the Cloud •Taking Action
•Privacy Shield
•Consequences of Insider Trading
•Conflicts of Interest •Diversity •Inclusive Workplace •Inclusive Manager •Taking Action Workplace Conduct •What is Workplace Conduct? •Bullying in the Workplace •Abusive conduct •Violence in the Workplace •Substance Misuse •Social Media Risks
•The Money Laundering Risk Lifecycle •Internal Reporting for AML •Taking Action Antitrust •What is Antitrust? •Dealing with Competitors
•Preventing Breaches
•Taking Action GDPR EXPANSION PACK •The GDPR and HR •The GDPR and IT
•Dealing with Customers
•The GDPR and Procurement
•Communication & Document Creation
•The GDPR and the Supply Chain
•What is EU Competition Law? •EU Law in Practice
•Types of IP •Trade Secrets •Taking Action
•Material Non-Public Information •Tipping •Designations, Restrictions & Windows •Taking Action
•The GDPR and Marketing
Mix & Match Your Topics
08
GDPR for Training Professionals Definition
Impact
www.interactiveservices.com/compliance
Training
09
What
is it?
The goal of the GDPR is to harmonize data privacy laws across Europe and protect the personal data of all EU citizens •Comes into effect on May 25th 2018 •Replaces the Data Protection Directive 95/46/EC •Examples include: name, photo, email address, date of birth, ethnicity, religion, financial record, medical information or employment history
The GDPR includes: •additional rights for data subjects •a standardized data protection regime across the EU •an obligation on businesses to make privacy by design a key element of all business processes Personal data has been widened to include IP addresses, cookies identifiers and mobile device IDs
Impact on EU & UK Companies? • Any firm that does business in the European Union must comply with the GDPR, regardless of the firm’s locale • Organizations can be fined up to 4% of annual global turnover or €20 million, whichever is greater • Firms are required to ensure I. Privacy is built into the whole lifecycle of business systems II. Any product or service that is released to the public must also have maximum privacy by default • Regardless of Brexit, companies in the UK must comply with GDPR
10
”
For example, if you sign up for a service that includes a published profile, such as a profile on a social media site, the profile should show the minimum information required and not add additional elements, such as age and location.
”
11
Training Requirements Deadline
GDPR comes into effect on May 25th 2018
Obligation of Privacy Officer (Article 39) “To monitor compliance with this Regulation, with other Union or
Audience + Cadence
Recommended that all staff have a basic knowledge of GDPR with particular attention for HR, IT and Marketing and Sales. Indepth training in Y1 followed by refresher training in Y2 and Y3.
Member State data protection provisions and with the policies of the controller or processor in relation to the protection of personal data, including the assignment of responsibilities, awareness raising and training of staff involved in processing operations, and the related audits.”
13
Designing Training for a new piece of legislation Paddy McGovern Head of Content Strategy
•
Getting the sequence of topics right
•
Building motivation around GDPR
•
Designing effective scenarios for new legislation
Dublin, Ireland
•
Test strategy
Neil Cullen
•
Ensuring integrity of the content
Director, Compliance Learning
•
Rolespecific content
Dublin, Ireland
Top 3 Tips 1
Connect the learner to the legislation
2
Create relatable scenarios
3
Don’t over complicate the legislation
www.interactiveservices.com/compliance
14
What Happens Next First Deployments
1-on-1 Planning
www.interactiveservices.com/compliance
Demo Access
Try the training for yourself Schedule 30minutes to talk about audience & customization Get ready before May!
www.interactiveservices.com/compliance