Specialised roles or functions with key data protection responsibilities (such as DPOs, subject access and records management teams) receive additional training and professional development beyond the basic level provided to all staff.
Ways to meet our expectations:
- You complete a training needs analysis for information governance and data protection staff to inform the training plan and to ensure it is specific to the individual’s responsibilities.
- You detail training and skills requirements in job descriptions.
- You have evidence to confirm that key roles complete up-to-date and appropriate specialised training and professional development, and they are subject to proportionate refresher training.
- You keep on record copies of the training material provided as well as details of who receives the training.
Can you answer yes to the following questions?
- Do staff consider that you identify their training needs specifically?
- Are there appropriate plans to meet those needs?
- Are the training materials effective?