Information Security Smart – GDPR

GDPR is new EU regulation that covers peoples’ personal data.
It imposes much tougher restrictions on how EU residents’ personal data is used and it applies to anyone who uses their data; worldwide.


  • Corporate
  • Legal

Available as

  • Off the shelf
  • Fully Bespoke

Approximate course time: 60 minutes

This course is sectioned into three modules:

  1. GDPR
  2. Information Security
  3. Being Safe Online

Each of these three modules runsfor approximately 20 minutes and can be provided as a separate, standalone course.

This course contains a blend of text, graphics and audio-visual content.

All modules have user assessments threaded throughout the learning content. An optional end-of-course test assesses learners on the level of knowledge they’ve retained. Pass rates can be set as required.

Module 1: GDPR

This 20-minute course will ensure your organisation is ready for the significant changes to data protection that GDPR brings. It will highlight key areas of change and the actions required to ensure your organisation will comply.

Learners will gain a thorough understanding on all aspects of GDPR.

Course Objectives

  • Explain why the EU has introduced GDPR and what impact this has on the UK
  • Explain the specific requirements under the new regulations
  • Outline the scope of GDPR, specifically the concepts of consent, design by privacy and the role of Data Protection Officers
  • Outline the implications of failing to comply
  • Outline the various enhanced rights of ‘data subjects’
  • Explain that organisations must report data breaches within specific timeframes
  • Provide a checklist against the legal framework for organisations to adopt in readiness for GDPR


Module 2: Information Security

This 20-minute module introduces the concept of information security and outlines best practices to avoid data breaches, protect information assets, avoid damage to reputation and comply with the law.

It also outlines how organisations and individuals can manage risk and external threats to Information Security from hackers and fraudsters – this includes phishing, fraud, managing risks with devices, software, emails, the web at home and at work.

Course Objectives

  • Explain how Information Security links to the GDPR
  • Explain the importance of strong passwords, and how they should be managed
  • Identify examples of a strong password
  • Explain how to set strong passwords and keep them safe
  • Give an illustrative example of a workplace situation presenting a GDPR risk relating to the security of paper records
  • Explain how to achieve a secure office in terms of paper records and laptops/devices
  • Explain how to secure personal devices
  • Give an illustrative example of a workplace situation presenting a GDPR risk relating to working at home
  • Explain how to work at home securely
  • Explain how to work securely when out of the office/travelling


Module 3: Being Safe Online

This 20-minute module focuses on the risks associated with common online behaviour at work, in public places and at home.

It outlines the ways in which organisations and individuals can behave responsibly when using social media, their own devices or Intellectual Property (IP) to mitigate against threats to Information Security.

Course Objectives

  • Explain how Being Safe Online links to the GDPR
  • Give an illustrative example of a workplace situation presenting a GDPR risk relating to Social Media
  • Explain what type of image is safe to use on a Social Media profile – and what should be avoided
  • Explain how to use Social Media safely at work
  • Give an overview of the dangers of ‘phishing’ and what to do about them.
  • Explain that mobile devices are also vulnerable to Phishing
  • Give an illustrative example of a workplace situation presenting a GDPR risk relating to viruses
  • Explain how to handle a suspected virus infection on a work computer
  • Explain how to avoid virus problems at work


VIDEOSShowcase Videos