The General Data Protection Regulation (GDPR) will be written into EU law next year, but companies need to start their GDPR compliance programs now if they are to be fully compliant before the May 25, 2018 deadline.
Any company that is discovered not to be in compliance with the new regulation after that date faces a stiff financial penalty. The maximum fine for non-compliance with GDPR is €20 million or 4% of the company’s global annual turnover, whichever is greater. GDPR compliance is not optional. Any company doing business in any of the 28 EU member states is required to comply with the new regulation.
The main aim of GDPR is to strengthen data protection rights of individuals and facilitate the free flow of personal data in the digital single market. GDPR means individuals will be given much greater control over their data.
Ensuring GDPR compliance is likely to be a major challenge, not only for organizations but also for their employees. Employees will need to be trained so that they are fully aware of the requirements of GDPR and the changes they will need to make to the way they handle data.
PhishMe, the leading provider of phishing defense and intelligence solutions, is offering enterprises assistance with training staff on GDPR requirements. PhishMe has now added a complimentary GDPR compliance training module to the PhishMe CBFree™ library.
Any organisation can access and use the training module, even if the company is not a customer of PhishMe. The training module can be downloaded from the PhishMe website and shared with employees to help prepare them ahead of the May 2018 deadline for compliance.
The PhishMe training module covers all the necessary components of the regulation, including classifications of personal data, the GDPR data breach definition, guidelines for data security and privacy, the penalties for non-compliance, the role employees will play, and ways organizations can decrease risk.
Jeff Orloff, PhishMe’s Director of Content, explained why the company added the new module: “The goal of PhishMe’s CBFree program is to provide timely, relevant content to help companies and their employees deal with relevant threats, trends and compliance in security. With the impending General Data Protection Regulations, we wanted to provide a simple, straightforward way for all companies to prepare for the pending changes.”