You are a part of data protection system at your organization
Check internal policies and procedures to get clarity on your duties
List all issues and doubts – do not hesitate to ask and consult
Although most duties rest on your employer, compliance with data protection law is not something dependent totally on top management. All the opposite – also lower pay grades can cause or prevent a serious data breach. You are a part of the organization and the organization as a whole works as one data protection system.
In this training, we talk about standards that every single employee should know about. These seemingly simple rules are often not followed, or even known. Many data protection projects end up with adopting documentation that has never been communicated to most employees.
But if there was a data protection project, your organization most likely has documentation, has run a training or implemented awareness-raising. Get back to those products and find the most current version.
Under internal regulations, you can have additional roles on data protection: for instance a process owner, an asset owner, a contact point or a person obliged to follow specific security rules (e.g. on use of private equipment for business purposes, to work from home etc.). You can also become a data protection officer, if such duties do not conflict with your other tasks.
No matter what your role is, list all the issues where you lack clarity on how to protect data in daily work. Send those questions to a person responsible for privacy, your superior or even top management – not just to make sure you are doing good job, but perhaps to help other staff members get their answers. Raising some issues may help increase data protection level and your confidence, so do not hesitate to ask.
Table of contents:
Self-implement GDPR in 16 steps: