Questionmark, the online assessment provider, has released a new ready-made test to help organizations guard against a data breach. “GDPR for business professionals” will tell organizations how well their people understand their responsibilities. This will help avoid fines and demonstrate compliance to regulators.
Questionmark, the online assessment provider, has released a new ready-made test to help organizations guard against a data breach. “GDPR for business professionals” will tell organizations how well their people understand their responsibilities.
The test is designed for employees who use personal data as part of their job role or who are involved in managing the organization’s data policy.
The General Data Protection Regulations (GDPR) were rolled out across the European Union (EU) in May 2018. They regulate the way that organizations operating within the EU can obtain, store and process data. These include US organizations with EU activities.
Despite an initial burst of publicity around the consequences, organizations have found adjusting difficult. Only 20% believe they are fully GDPR compliant.1 Yet a breach in GDPR can incur a fine of €20million. Larger organizations could have to forfeit 4% of global turnover.
A GDPR breach, using someone’s data incorrectly or without the right permissions, is a risk to an organization in all circumstances. With much of the workforce currently working from home the threats are greater. Using personal devices and depending on cloud networks are not forbidden by the legislation, but they can risk a breach if not managed carefully.2
GDPR fines are at the discretion of the national regulator. When a breach occurs, authorities often start by looking at how organizations implemented the regulations. Demonstrating strong awareness among staff and the effectiveness of training could be a crucial defense.
John Kleeman, Founder and Executive Director of Questionmark said, “GDPR has been in place for two years. Regulators feel that people should have adjusted by now and they will start showing their teeth. ‘GDPR for business professionals’ will give organizations confidence that relevant staff members understand what’s expected of them. Where there are dangerous gaps in knowledge and practice, action can be taken. The assessment can also be used to test the effectiveness of training around GDPR and good data practices.”
The test asks the participant to answer 25 multiple-choice questions within 45 minutes. Questions are randomized so that no two test-takers need sit an identical assessment. At the end of the assessment, the participant is given detailed feedback on incorrect answers.
Managers can run reports to view performance across the organization. The data are instantly compiled and easy to analyze.
The test covers:
- GDPR applicability and key concepts
- Awareness of EU privacy regulation and other data protection laws
- Processing of personal data and special categories of data
- Relationship between data controllers, data processors, data subjects and data sub-processors
- Personal data breaches and consequences
- International data transfers and appropriate safeguards
- Data subject rights
- Communication
- Records of processing
- Technical and organizational measures
Through its enterprise-grade platform, Questionmark has been pioneering online assessments for 30 years. It now provides ready-made assessment content, such as “GDPR for business professionals”, as well as the assessment platform and professional services. Other parts of the Questionmark assessment content offer include:
- QM Thinking Skills, a critical thinking and problem-solving assessment
- QM Cybersecurity for home-based workers, which enables organizations to guard against fines, breaches in reputation and important work being lost
Questionmark works with organizations including Fortune 500 and FTSE100 businesses, government, academic and public sector organizations worldwide.
For more information, visit the GDPR page on the Questionmark website.