As of 25th May 2018, the General Data Protection Regulations (GDPR) will be updated with new rigorous guidelines. This comes as a result of the growing scope of what is considered to be personal data. Personal data now comprises of online identifiers such as cookies and IP address, genetic data, biometric data and data concerning health.
The new law marks a wide-reaching and significant shift in the way that organisations must protect personal data. According to the East Midlands Chamber (2017), this is the biggest change in data protection legislation in 20 years and will have a profound impact on businesses across many sectors. The GDPR applies directly to service providers that process personal data on behalf of an organisation, such organisations include cloud services, call centres and payroll services.
According to IT Governance, the penalties are considerably tougher for GDPR. “Any organisation found in breach of the Regulation can expect administrative fines of up to 4% of annual global turnover or €20 million – whichever is greater” (IT Governance, 2017). The cost of non-compliance will also be compensation claims for damages suffered and reputational damage and loss of customer trust.
With that in mind, we must prepare for the upcoming changes to data protection to remain compliant and avoid fines. Here are 10 tips to be GDPR ready:
1. Ensure that decision-makers and key people within the organisation are aware of the new legislation and how it can impact the business.
2. Document what personal information you hold, including where it came from and who you share it with.
3. Review your current privacy information, making any changes to comply with the GDPR and communicate effectively to staff.
4. Ensure your procedures cover all the rights individuals have, including how they would delete personal data.
5. Identify the lawful basis for your processing activity in the GDPR, document it and update your privacy notice to explain it.
6. Review how you seek, record and manage consent. Don’t forget to refresh existing consent if they do not meet the GDPR criteria.
7. Consider whether you need to put in a system to identify and verify an individuals age and to obtain a parental or guardian consent for any data processing activity.
8. Implement procedures in place to detect, report and investigate a personal data breach.
9. Designate someone to take responsibility for data protection compliance and assess where this role will sit within the structure of the organisation.
10. Provide adequate training on the new legislation for staff who are directly involved with data processing.
For more information, see below our recommended resources.
Alternatively, the Information Commissioner’s Office (ICO) have created two very useful checklists, to help data controllers and data processors get ready for GDPR.
East Midlands Chamber, 2017. Website: http://www.emc-dnl.co.uk/site/10209/gdpr-what-this-means-for-your-businesss
Information Commissioner's Office, 2017. Website: https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf
Information Commissioner's Office, 2017. Website: https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment/getting-ready-for-the-gdpr/
It Governance, 2017. Website: https://www.itgovernance.co.uk/data-protection-dpa-and-eu-data-protection-regulation
Mentoring is a relationship between two people. As a mentor you pass on valuable skills, knowledge and insights to your mentee, in this instance an apprentice, to help them develop personally and in their career. It is highly beneficial to both businesses and the individual as it is designed to improve individual skills, knowledge and work performance through a series of development techniques based on one-to-one discussions.
When carried out well, mentoring not only provides the mentee with confidence and self-reliance, it helps to build strong teams, transfer valuable knowledge and prevent skills gaps.
Here are our top tips for effective mentoring in the workplace:
1. If you are tasked with choosing a mentor for the apprentice, select a mentor based on personal attributes. One study (Hirst, Short & Rinne, 2014) suggests that a mentor with such characteristics as openness, confidentiality and trust is more beneficial than selecting a mentor based on their position within a company.
2. Clearly define roles and responsibilities of the mentor and mentee. This can be achieved through a schedule which outlines goals, deadlines and regular meetings. This provides some ground rules for both the apprentice and the mentor.
3. Create a coaching environment and embed this in the organisational structure. This means, providing senior members of staff, HR and the mentor with essential coaching and mentoring skills, which can be understood and utilised when mentoring an apprentice.
4. If you are chosen to mentor, make sure you can actively listen. Taking a genuine interest in your mentee builds a rapport and creates a trusting working relationship. It will make the mentoring journey more valuable for both participants.
At Roundhouse Thinking we understand and value workplace mentoring. We offer a two day Mentoring your Apprentice in the Workplace course with provides any individual tasked with mentoring an apprentice, the tools required to develop an apprentice and help them unlock their potential.
For more information about this course, visit www.roundhousethinking.co.uk
PRINCE2 is back, and has been revised to offer an updated edition of the worlds more practiced method for project management.
PRINCE2 2017, offers updated guidance and new Foundation and Practitioner examinations. Modernised through a collaborative approach involving over 100 Practitioners, trainers, consultants and global feedback. The fundamentals of PRINCE2 remain, but the emphasis within these have shifted to recognise the evolving demands of today’s business environment.
The course is 5 days, and aims to educate participants on how to fully apply the 7 PRINCE2 (Projects IN Controlled Environments) principles to the running and management of projects. The course will take you from beginner level all the way through to a registered PRINCE2 Practitioner through expert tuition and coaching.
As an internationally recognised award, PRINCE2 develops your project management theory and ability to manage a project of any scale with success. The practical application of guidance, real-life examples and tips provide you with the confidence to adapt the PRINCE2 method to your own organisation and projects.
The qualification is ideal for Project Managers, aspiring Project Managers and any staff involved in the creation and conveyance of projects.
Don’t forget to follow @Rhthinking for the latest news and updates!