I have researched a range of eLearning tools for many of Cybata's clients. I have learnt that there are so many factors that will impact the right platform for your organisation. Here are some thoughts; - Some of the largest providers are US based and my clients real from the obvious language differRead more
I have researched a range of eLearning tools for many of Cybata’s clients. I have learnt that there are so many factors that will impact the right platform for your organisation. Here are some thoughts;
– Some of the largest providers are US based and my clients real from the obvious language differences.
– Some clients absolutely need SCORM to allow support of existing/additional material from that provided.
– Others absolutely want integration with their HR system.
Some clients need the tool but also need a wider program of supporting materials such as email/social/posters.
– Having the content that chimes with the culture of the business is for me also a critical consideration.
Picking up on the great points made by my fellow contributors. 1. Documenting your decisions is vital. Never put yourself in the position of trying to remember. You might get the decision wrong at the time, or case law may in time make your the wrong one. 2. Improvement. Errors happen, What complianRead more
Picking up on the great points made by my fellow contributors.
1. Documenting your decisions is vital. Never put yourself in the position of trying to remember. You might get the decision wrong at the time, or case law may in time make your the wrong one.
2. Improvement. Errors happen, What compliance systems and regulators want to see is evidence of improvement. Don’t have the same mistake twice or more, that’s a recipe for sever action.
3. Technology – Systems – People. People remain a significant weakness in organisations. Training training and more training is required as only Knowledge makes people better.
Dominga, Like you until I am convinced any system for sharing the data is suitable for the data being shared then I will always defer to the system I know is secure. Great list.
Dominga, Like you until I am convinced any system for sharing the data is suitable for the data being shared then I will always defer to the system I know is secure.
@Ian I prefer your approach. I work on the assumption that GDPR is a long journey. As with any new social change there are early adopters and laggards and everyone else on a spectrum in-between! What this means for me is continuous development of knowledge so people begin to move along the spectrumRead more
Sebastian Norling I prefer your approach. I work on the assumption that GDPR is a long journey. As with any new social change there are early adopters and laggards and everyone else on a spectrum in-between! What this means for me is continuous development of knowledge so people begin to move along the spectrum to where we want them to be. The materials you have created sound great. Keep up the good work.
I too have heard of Smartbox, but have never used them so as with BLueBottles response due diligence the watch word because so many solutions promise so much and under deliver!
I too have heard of Smartbox, but have never used them so as with BLueBottles response due diligence the watch word because so many solutions promise so much and under deliver!
For sending and information that is either commercially sensitive or includes PII I use https://appriver.com/product/email-encryption . All data held in the UK.
Any software tool (not just GDPR), if implemented without team buy in, a great implementation service and quality training, will always be blamed when "it" (the project) does not deliver what was hoped at the outset. A tool is only an 'aid' to doing the job. I recommend/provide DPOrganizer for manyRead more
Any software tool (not just GDPR), if implemented without team buy in, a great implementation service and quality training, will always be blamed when “it” (the project) does not deliver what was hoped at the outset. A tool is only an ‘aid’ to doing the job.
I recommend/provide DPOrganizer for many of my clients because of the ease of use. Most of these clients are SME in size and don’t have big privacy teams to manage OneTrust and other enterprise platforms. I offer a service, with a 6 step model, to take a client with an existing RoPA to having a configured and useable DPOrganizer instance which I then train the users on. I believe a similar process is needed whichever vendors platform is being implemented.
I would also have to consider whether the Catering companies and Restaurants in the Hotel are separate legal entities or not. If they are (often the case) then I would argue if personal data is passed from the hotel to them then they are also Data Processors and they may have Sub-Processors behind tRead more
I would also have to consider whether the Catering companies and Restaurants in the Hotel are separate legal entities or not. If they are (often the case) then I would argue if personal data is passed from the hotel to them then they are also Data Processors and they may have Sub-Processors behind them too. As @Dave_Wylie said, I’ve recently been mapping some very complete Joint DC and DP arrangements. Email me if you’d like so further advice chris@cybata.co.uk
I agree totally with Hellen. I would add that (from my experience) maintaining a good relationship with the complainant, whether or not its formal DSAR or not, can help ensure the request is concluded in the best way possible for all. Issues not managed well at the personal level often grow in naturRead more
I agree totally with Hellen. I would add that (from my experience) maintaining a good relationship with the complainant, whether or not its formal DSAR or not, can help ensure the request is concluded in the best way possible for all. Issues not managed well at the personal level often grow in nature and become more confrontational than they need to be.
UK company providing GDPR training for employees?
Chris Roberts
I have researched a range of eLearning tools for many of Cybata's clients. I have learnt that there are so many factors that will impact the right platform for your organisation. Here are some thoughts; - Some of the largest providers are US based and my clients real from the obvious language differRead more
I have researched a range of eLearning tools for many of Cybata’s clients. I have learnt that there are so many factors that will impact the right platform for your organisation. Here are some thoughts;
– Some of the largest providers are US based and my clients real from the obvious language differences.
– Some clients absolutely need SCORM to allow support of existing/additional material from that provided.
– Others absolutely want integration with their HR system.
Some clients need the tool but also need a wider program of supporting materials such as email/social/posters.
– Having the content that chimes with the culture of the business is for me also a critical consideration.
Happy to have a conversation if desired – chris@cybata.co.uk
See lessDSAR disaster!
Chris Roberts
Picking up on the great points made by my fellow contributors. 1. Documenting your decisions is vital. Never put yourself in the position of trying to remember. You might get the decision wrong at the time, or case law may in time make your the wrong one. 2. Improvement. Errors happen, What complianRead more
Picking up on the great points made by my fellow contributors.
1. Documenting your decisions is vital. Never put yourself in the position of trying to remember. You might get the decision wrong at the time, or case law may in time make your the wrong one.
2. Improvement. Errors happen, What compliance systems and regulators want to see is evidence of improvement. Don’t have the same mistake twice or more, that’s a recipe for sever action.
3. Technology – Systems – People. People remain a significant weakness in organisations. Training training and more training is required as only Knowledge makes people better.
Good luck.
See lessRightly.co.uk
Chris Roberts
Dominga, Like you until I am convinced any system for sharing the data is suitable for the data being shared then I will always defer to the system I know is secure. Great list.
Dominga, Like you until I am convinced any system for sharing the data is suitable for the data being shared then I will always defer to the system I know is secure.
Great list.
See lessGDPR 3rd year anniversary messages
Chris Roberts
@Ian I prefer your approach. I work on the assumption that GDPR is a long journey. As with any new social change there are early adopters and laggards and everyone else on a spectrum in-between! What this means for me is continuous development of knowledge so people begin to move along the spectrumRead more
Sebastian Norling I prefer your approach. I work on the assumption that GDPR is a long journey. As with any new social change there are early adopters and laggards and everyone else on a spectrum in-between! What this means for me is continuous development of knowledge so people begin to move along the spectrum to where we want them to be. The materials you have created sound great. Keep up the good work.
See lessExtracting emails and duplication of data in SARs
Chris Roberts
I too have heard of Smartbox, but have never used them so as with BLueBottles response due diligence the watch word because so many solutions promise so much and under deliver!
I too have heard of Smartbox, but have never used them so as with BLueBottles response due diligence the watch word because so many solutions promise so much and under deliver!
See lessClient wanting to solicit to our contact database
Chris Roberts
I would follow Hellen's advice.
I would follow Hellen’s advice.
See lessSending Information in an Access Request
Chris Roberts
For sending and information that is either commercially sensitive or includes PII I use https://appriver.com/product/email-encryption . All data held in the UK.
For sending and information that is either commercially sensitive or includes PII I use https://appriver.com/product/email-encryption . All data held in the UK.
See lessGDPR Managment Tools
Chris Roberts
Any software tool (not just GDPR), if implemented without team buy in, a great implementation service and quality training, will always be blamed when "it" (the project) does not deliver what was hoped at the outset. A tool is only an 'aid' to doing the job. I recommend/provide DPOrganizer for manyRead more
Any software tool (not just GDPR), if implemented without team buy in, a great implementation service and quality training, will always be blamed when “it” (the project) does not deliver what was hoped at the outset. A tool is only an ‘aid’ to doing the job.
I recommend/provide DPOrganizer for many of my clients because of the ease of use. Most of these clients are SME in size and don’t have big privacy teams to manage OneTrust and other enterprise platforms. I offer a service, with a 6 step model, to take a client with an existing RoPA to having a configured and useable DPOrganizer instance which I then train the users on. I believe a similar process is needed whichever vendors platform is being implemented.
See lessHotels and employee personal data
Chris Roberts
I would also have to consider whether the Catering companies and Restaurants in the Hotel are separate legal entities or not. If they are (often the case) then I would argue if personal data is passed from the hotel to them then they are also Data Processors and they may have Sub-Processors behind tRead more
I would also have to consider whether the Catering companies and Restaurants in the Hotel are separate legal entities or not. If they are (often the case) then I would argue if personal data is passed from the hotel to them then they are also Data Processors and they may have Sub-Processors behind them too. As @Dave_Wylie said, I’ve recently been mapping some very complete Joint DC and DP arrangements. Email me if you’d like so further advice chris@cybata.co.uk
See lessCan we disclose information about a complaint to the person being complained about?
Chris Roberts
I agree totally with Hellen. I would add that (from my experience) maintaining a good relationship with the complainant, whether or not its formal DSAR or not, can help ensure the request is concluded in the best way possible for all. Issues not managed well at the personal level often grow in naturRead more
I agree totally with Hellen. I would add that (from my experience) maintaining a good relationship with the complainant, whether or not its formal DSAR or not, can help ensure the request is concluded in the best way possible for all. Issues not managed well at the personal level often grow in nature and become more confrontational than they need to be.
See less