Human error remains the leading cause of data breaches. The best way to reduce risk and demonstrate your commitment to complying with Australia’s regulatory requirements is to ensure your staff understand the Act, what is required and how your organisation manages data in line with those requirements.
I will develop the content required to conduct staff training, tailored to various levels and including instructions on how data is used and managed within your organisation. I can deliver training on-premises or online and will provide reference information for use after the course.
Training Course Package
- Privacy Fundamentals Workshop – Capture the current workflows, procedures and understanding of privacy requirements and how they are managed within your organisation
- Data Handling Procedures – Review current documented data handling procedures and provide recommendations to reduce risk and improve compliance with regulatory requirements.
- One-on-One Interviews – Capture the current workflows, procedures and understanding of privacy requirements and how they are managed within your organisation in practice.
- Course Content Development – Develop course materials to be used in training sessions. Content will include the Australian privacy regulations and the correct data handling and management procedures for your organisation.
- Staff Reference Manual – Develop a reference guide for staff on the key elements from the training, including a summary of the Privacy Act, basic data handling procedures and escalation points for questions.
Training Course Topics
Privacy Act requirements
Compliance starts with understanding what requirements the regulations you must comply with place on your organisation. Ensure your team understands the Australian Privacy Principles (APPs) that govern the collection, storage and use of personal information and the ways in which your organisation meets these requirements.
Types of breach risk
Organisational risk can come in many forms. Help reduce your risk by educating your staff on the various risks of a data breach or a breach of the regulations and the consequences that can arise from those breaches.
Data governance council
Creating a Data Governance Council establishes a cross-functional team of individuals who will help manage, define and implement data management processes at your organisation. Train participants in how best to set up a privacy council and the outputs that are required to support privacy compliance.
In-house data handling procedures
Reduce the risk of non-compliance by training your staff on the processes and procedures they need to follow when collecting personal information and when responding to requests from individuals to access their information, to change it or to be removed from your systems.
Privacy Impact Assessments
Privacy Impact Assessments (PIAs) are an essential requirement to ensure compliance with regulation and are required under GDPR. Train staff in the use of Privacy Impact Assessments when planning new projects that require the use of personal information.
Data retention, destruction and de-identification
Reinforce your policies by training your staff on the guidelines, procedures and processes in place at your organisation to ensure you store only the data you need, and on how you either destroy or de-identify information that should no longer be used.
Incident response plan
What happens if you are the victim of a data breach? Under the Notifiable Data Breach scheme, organisations are required to report a breach if they suspect an eligible data breach may have occurred. Training staff in your response plan should be a fundamental component of any privacy training.
Get in touch to organise a training content meeting. We will answer your questions, agree on timeframes and process, and discuss any specific requirements you may have. We will submit a formal proposal with a project plan for your review and acceptance to proceed with the review.
Ph: +61 404 166 780 Wb: datadesignconsulting.com.au