The importance of training employees for the upcoming EU General Data Protection Regulation (GDPR)

The importance of training employees for the upcoming EU General Data Protection Regulation (GDPR)

Employee training has always been an important element of compliance for data protection. With the forthcoming introduction of the General Data Protection Regulation (GDPR) that will come into effect in May 2018, employee training becomes even more important.

Employees should understand the financial and reputational risks to the organization in the event of data breaches within the organization. One of the new aspects of GDPR will be an obligation to report data breaches within 72 hours to the Information Commissioner’s Office, as well as potentially notifying individuals who have had their data compromised.

An important component of the new regulation is the need for organizations to provide evidence of their compliance with GDPR (currently such reporting is not obligatory) and therefore staff training and the recording and monitoring of staff training will be a vital aspect of  a company’s reporting obligations. In addition, under Article 43, the GDPR requires “the appropriate data protection training to personnel having permanent or regular access to personal data.”

The Data Protection Commissioner’s Office will assess a company’s overall commitment to data protection, therefore the quality of training and commitment for further employee development is key. It is strongly encouraged to spread the message about privacy, data protection and security across all employees in the company.

All employees who have access to personal data should be made aware of their responsibilities under data protection law. EIMF is offering several GDPR workshops over the next few months that will provide employees with an understanding of data protection rights and responsibilities in line with the new GDPR.

Find below a list of planned workshops. If you need any additional information or want to customize and deliver any of the below inhouse please email us at


EU GDPR Workshop, Limassol 18-19 September

EU GDPR Workshop, Nicosia 11-12 October

EU GDPR Workshop, Nicosia 13-14 November

Cyber Security: an overview of the global landscape, the defence strategies and the GDPR, Limassol 7-8 December