New research from MediaPro has revealed that 59% of US employees surveyed cited the EU General Data Protection Regulation (GDPR) as being ‘completely new’ to them. With just over four months until the Regulation comes into effect, this is extremely worrying.
The 2018 Eye On Privacy Report questioned 1,007 US employees from a number of industries about their knowledge of different data privacy regulations.
78% of employees in the education sector were ‘completely new’ to the GDPR, closely followed by government industry (70%).
When asked about potential privacy scenarios, 8% of respondents were unsure whether to report an incident where they discovered that a cyber criminal had stolen the names, addresses, and birth dates of several clients. While 91% of respondents did correctly identify this as a reportable instance, the 8% who did not shows that knowledge is not where it should be, leaving organizations open to “unnecessary risks”.
When the same privacy scenario was broken down by industry, surprisingly it was the technology industry that was most unsure about whether to report it as a privacy incident. Just 82% correctly identified it as a reportable incident, followed by finance (86%) and healthcare (90%).
Steve Conrad, MediaPro’s managing director, said:
The 2018 Eye on Privacy Report shows companies could be doing a better job educating their employees about how to handle sensitive data. It’s time to stop playing with fire when it comes to data privacy – before it’s too late.
When dealing with confidential and sensitive information, employees need to be aware of internal security policies and procedures, as well as information security best practice.
A key component of any organization’s GDPR compliance framework is staff awareness and education. With significant fines for non-compliance, it is essential that staff have an understanding of the new Regulation’s requirements. Organizations have 72 hours to submit a notification of a breach that poses a high risk to the rights and freedoms of EU residents.
Are your staff aware of the GDPR?
Human error and lack of employee awareness around data security are growing concerns, and MediaPro’s findings reiterate the importance of educating staff about the risks that they could unintentionally inflict on their employer. Data breaches could incur fines and result in reputational damage among customers and stakeholders. Don’t let your staff be your downfall.
The GDPR Staff Awareness E-learning Course is a quick, affordable, and effective means of delivering training to multiple learners with minimal disruption. It defines the scope of the Regulation and introduces the principles for collecting and processing personal information.