3 reasons not to panic about GDPR training
![Businessman thinking](https://staging-website.spongedev.net/imager/images/69344/Businessman-thinking_5ae402c9837860cd6e4f65e304b3a5fa.jpg)
There have been 325,000 mentions of GDPR on social media in the space of just four months ā and thatās in the UK alone. In the two months of January and February 2018, GDPR cropped up 184,000 times in the social chatter.
So, if you and your team are worried about GDPR and its imminent arrival on 25 May, youāre not alone.
Indeed, a recent white paper compiled by Forbes and US tech firm ASG Technologies reported that almost half of organisations globally ā 47% ā expressed serious doubts that they would be ready. Interestingly, the white paper said that companies were getting panicky because they recognised how terrible it would be for their reputation if an incident of non-compliance occurred.
But thereās no need to panic. You can get your GDPR training plan up and running in no time, even from a standing start.Ā We know this because in the past few weeks, weāve helped many businesses get up to speed on training their workforce for GDPR compliance.
The 3 reasons not to panic
1. There isnāt an apocalypse
GDPR Day is nothing like the millennium bug also know as the Y2K problem, when we all feared a massive systems meltdown on the stroke of midnight if our tech wasnāt āYear 2000 compliantā. The UKās Information Commissioner, Elizabeth Denham has said: āI want to reassure those that have GDPR preparations in train that thereās no need for a Y2K level of fear.ā
The message is that for those who are preparing, there is no cliff edge on 25 May; no apocalypse scenario. But there is a need for L&D to make a start now on implementing a training plan. Do that, and youāre already on your way to compliance.
2. Build on existing foundations
You probably already have some compliance training in place and it might even include data protection as one of the topics. Think about how you can augment this training quickly so that it reflects the new requirements of GDPR. One organisation-wide solution which has immediate impact is Spongeās specially-developed game, GDPR ā Sorted!
The game gives all staff a grounding in the basics of GDPR so that theyāre aware of the risks to look out for and have the knowledge to prevent potential breaches. Ā In the game, employees must work their way through a series of experiential scenarios where they are required to make decisions. They get to understand that GDPR isnāt just four letters they donāt need to know about, but a topic with real consequences in the event of a compliance failure.
āI want to reassure those that have GDPR preparations in train that thereās no need for a Y2K level of fear.ā Elizabeth Denham UK Information Commissioner
3. GDPR is an ongoing journey
Think of 25 May as staging post. If your organisation isnāt GDPR-ready by implementation day, then ā for the reasons outlined earlier ā itās important to show youāve at least made a start in training staff. So, it really isnāt too late to begin putting plans in place.
Prepare for the long haul by drawing up a sound, sustainable GDPR training plan that will make data protection a way of life for your organisation. Our earlier blog has some great ideas on how you can forge a strong GDPR training campaign.
Having a continuous training plan will enable you to make the inevitable changes along the way and embed good data protection habits across the business. As Commissioner Denham explains: āGDPR is an evolutionary process for organisations ā 25 May is the date the legislation takes effect, but no business stands still. You will be expected to continue to identify and address emerging privacy and security risks in the weeks, months and years beyond May 2018.ā
Now is not the time to panic; now is the time to activate your rapid GDPR rescue plan!