With the ongoing growth of technology and the digital economy, companies are amassing huge amounts of personal information from their customers. Unfortunately, the collection and storage of this data comes with a risk – the risk that the information could be lost, accessed or misused. We’ve recently seen the true scale of the impact that these data breaches can have on businesses, worldwide. Which is why it’s more important than ever for organisations to make sure they’re protecting customer data and reducing their compliance risk.
For Australian businesses, changes to laws around data breaches are a serious prompt to get up-to-date with compliance rules. There are grim consequences of non-compliance, including legal proceedings, fines and penalties, and the loss of income and reputation. In fact, in the case of corporations, you could now be at risk of paying civil penalties of an amount up to $1.8 million.
How would you respond if your organisation discovered a serious data breach? What plan do you have in place to protect your reputation and business operations?
It’s vital that you think about ways to make sure your business is safeguarding against the event of a data breach. Here, we’ll look at how eLearning can be used to educate employees around information and data security, helping to reduce your compliance risk.
With the passing of the Privacy Amendment (Notifiable Data Breaches) Bill 2016 in Parliament, companies will no longer have the luxury of hiding their breaches.
Once enacted into law on 22 February 2018, businesses that fail to show they have the right measures in place – or are at least making efforts to – will face fines and a big hit to their reputation. So what are these measures?
Companies must notify both the Office of the Australian Information Commissioner (OAIC) and affected individuals of any eligible data breaches. This will give individuals the opportunity to re-secure or change their data, while also putting pressure on organisations to improve their data security practices in the first place.
Graham Pyper, in a recent article for Australasian Lawyer, believes that in a year’s time, “we’ll start to get the real picture of how seriously businesses are taking the security of their data – and the number of breaches really taking place.”
Australian companies who aren’t paying proper attention to compliance will be thrown in the spotlight – and you don’t want to be one of them. Educating staff about data security and compliance is key to minimising risks. If you haven’t been taking your compliance training seriously, or treating it like a bit of a ‘tick and flick,’ it might be time to think about approaching it in a new way.
Earlier, we published an article on how eLearning can reduce your compliance risk, with online courses breaking the “boring mold of compliance risk learning.”
As we explained then, online training is the best way to reduce compliancy risk for companies, due to the huge variety of learning methods available. Through eLearning platforms, you can use “simulations, quizzes, stories, gamification, role-play, audio, video, and almost any other multimedia you can think of! That’s a whole load of ways to take students through the complicated maze of compliance.”
Using methods such as storytelling or gaming to include ‘real world’ scenarios is a far more effective way to help staff understand the important of compliance. In this way, online training can highlight data breach situations that other companies have been faced with – and dealt with successfully or unsuccessfully.
“Rather than explain compliance through a theory-focused, boring textbook-led method, the use of stories in compliance makes lessons relevant, exciting, and practical so that they can be put into practice quickly.”
If you’re an Australian business looking to get things in order before the new data breach laws, it would be wise to step up your employee compliance training now. Investing some time and money in this area is the best way to significantly reduce your compliance risk.