Data Privacy Online Training

Data Privacy Online Training

Most organizations collect a lot of data and personal information from their customers and people who visit their website. From using analytics cookies to track when a user visits your site to collecting payment information, data is collected at almost every interaction a customer has with you.

Your customers have a right to say when and how you collect their data and how it is used. Many jurisdictions have introduced stringent legislation to protect the personal data of their citizens, so it is important that your team understand the regulations that affect their daily data handling processes.

If you are a global business, you also need to be aware of the EU General Data Protection Regulation (GDPR) which came into force on the 25th May 2018. All organizations that handle the data of EU residents must comply. It represents a significant change in data privacy legislation, so it is essential that you and your employees know how to ensure compliance.

Our Data Privacy online training, coupled with our GDPR Training Bundle teaches employees the ways they can use and process data according to the law.

Who should take the Data Privacy online training?

This training is recommended for all employees.

This course contains the following modules:

Video: Every time you go online or fill out a form, you give away information about yourself. Keep clients’ information private. Ethical and legal obligation to keep information private.
Interactive Screen: What do data privacy rules apply to? Types of data. Terminology, PII in the US, personal data in Europe. Know the types of data we hold, where data is held, what it’s used for, and the consequences of a breach.
Scenario: Unsolicited calls and mailshots from a marketing company. How did they get information?
Key Learning: Your name, address, and telephone number can all be used to uniquely identify you, as can your login and payment details for retail sites. All this data is classified as PII.
Scenario: The pieces of data that can be used to identify an individual.
Key Learning: It is important that you know what data qualifies as personally identifiable information and understand how PII can be combined to identify an individual.
Assessment: Five-question quiz on the content presented in this topic.

Text & Image Screen: We all have a responsibility to protect the data of our clients and employees. Privacy incidents are often caused by people making simple mistakes out of line with our policies.
Interactive Screen: Principles of data protection: notice and purpose, consent, security and access, disclosure and accountability.
Interactive Screen: Real-life example of how to protect data when working remotely.
Scenario: How to protect PII.
Key Learning: Data must be stored securely and accessed only by authorized users. Policies must be in place to protect the anonymity of those about whom the data is stored.
Scenario: Ensuring security of PII.
Key Learning: When using data outside of its normal intended environment, the data must be anonymized so as to remove any trace of PII by which the customer can be identified.
Scenario: Consequences of a data breach.
Key Learning: Not following principles of proper protection of PII can have huge ramifications.
Assessment: Five-question quiz on the content presented in this topic.

Interactive Screen: Protecting our information. Protecting confidential information and sensitive data. Classifying information.
Interactive Screen: Examples of the precautions to take when handling information.
Scenario: Sharing company information with a supplier.
Key Learning: Choosing a classification level to apply to your data is a business decision based on how sensitive the data is. When you classify information and then follow the rules that apply, you help protect our company in the event of a security breach.
Assessment: Five-question quiz on the content presented in this topic.

Interactive Screen: Sharing information. Confidential disclosure agreement (CDA). Non-disclosure agreement (NDA).
Interactive Screen: Storing and disposing of information. Special considerations. Disposing of confidential information.
Interactive Screen: Real-life examples of sharing sensitive information.
Scenario: Emailing a report containing confidential data.
Key Learning: Don't disclose confidential information unless you have received prior approval from the appropriate department. Never transmit sensitive or confidential information by any method in an unprotected format – use the encryption software authorized by the IT department.
Assessment: Five-question quiz on the content presented in this topic.

Video: Healthcare organizations and professionals are obliged to protect you and the information they hold about you. HIPAA ensures that the use and disclosure of PHI held by medical practices is strictly controlled to protect you.
Interactive Screen: PHI includes any part of your medical record or payment history. Privacy rule. Transaction and Code Set standards. Security rule. Unique Identifiers rule. Enforcement rule.
Interactive Screen: Rules around sharing patient information. Storing patient information.
Scenario: Identify items that are classified as PHI.
Key Learning: PHI is any information about health status, provision of healthcare, or payment for healthcare that can be linked to a specific individual.
Scenario: Rules governing use of PHI.
Key Learning: PHI can be provided without your express written authorization to facilitate treatment, payment, or healthcare operations. Covered entities must follow the correct HIPAA privacy rules or suffer heavy penalties.
Assessment: Five-question quiz on the content presented in this topic.

Interactive Screen: Every payment card transaction is protected by strict standards to keep personally identifiable information secure. Consequences of PCI DSS breaches.
Interactive Screen: Payment card dos and don’ts. Know our policies and requirements. Password management. Look out for suspicious activity. Clean house. Keep data inside the building.
Scenario: Investigating credit card fraud.
Key Learning: Credit card data is available at every stage of a transaction, except for order fulfillment.
Scenario: Preventing security breaches.
Key Learning: Gather as much information about a cyber-attack as quickly as possible. Apart from any payment card information that may have been stolen, the criminals may have hidden malware on the network.
Scenario: How to limit scale of breaches.
Key Learning: Once customers have provided their credit card details, the responsibility for this data remains with the merchant, who must ensure the integrity of their procedures, processes, and systems at all times.
Assessment: Five-question quiz on the content presented in this topic.

Interactive Screen: How does cloud computing work? Where is your data, and what laws apply to it? Laws in Europe. Access to data. Encrypting data. Using a secure network.
Scenario: Data privacy risks associated with moving customer database to the cloud.
Key Learning: Responsibility and accountability always remain with the company, even if the physical location of the data is disputable.
Scenario: Moving data internationally.
Key Learning: Always comply with our policy when sending PII to another country. If in doubt, remove all the PII.
Assessment: Five-question quiz on the content presented in this topic.

Interactive Screen: Data life cycle; create, store, use, archive, and destroy.
Scenario: Storing customer bank details.
Key Learning: Organizations and bodies storing bank account details, PHI, Social Security numbers, etc., are legally obliged to categorize this data as restricted use and are responsible for keeping it secure.
Scenario: Elements of an effective data security plan.
Key Learning: All aspects of security should be considered, including physical documents, hardware, and premises.
Scenario: Identifying confidential data.
Key Learning: Failing to secure confidential data could impact on individuals and also damage the reputation of our company.
Assessment: Five-question quiz on the content presented in this topic.

Interactive Screen: The laws around the information to be provided when handing over PII will vary, depending on your location.
Interactive Screen: Privacy statements and your right to be provided with one before disclosing any PII.
Interactive Screen: Real-life examples of disclosure in action.
Scenario: Identifying PII that should not have been included in a report.
Key Learning: An employer has a duty to their employees to protect PII and not disclose such data.
Scenario: What to do if you mistakenly receive PII.
Key Learning: If you find yourself in possession of PII that you shouldn’t have, notify HR and Legal of the disclosure.
Scenario: What do you need to tell people before you can collect their data?
Key Learning: Customer must be informed of how their data will be used, and that data should only be used in a manner consistent with the purpose for which it is obtained.
Assessment: Five-question quiz on the content presented in this topic.

Summary screen that wraps up the module, and attestation screen where learners attest that they will always adhere to data privacy policies.

Join This Course

Category: Courses
* Desktop Version