Using the Knowledge Bank

This year, and in particular since the start of this academic year, we’ve been adding new areas to the already extensive functionalities that the Knowledge Bank offers your organisation.

We thought it would be great to break down each area of the website, and how your organisation can use the different tools and benefit from them. We’ve broken down the tools and functionalities into four different areas- GDPR Compliance Tools, Training, the Best Practice Library and Content. In addition to this, as we’re always in the process of adding new tools and capabilities to the Knowledge Bank, this article will be updated to ensure you can always come back to it and know that the list below is an extensive one.

GDPR Compliance Tools

Logs for Breaches, SARs, FOI requests- On the Knowledge Bank we have an area where your organisation can log any breaches, subject access requests, or freedom of information requests. These logs then allow you to document all of the necessary information such as the name of your organisation, the dates the requests were received, the date you need to respond by, as well as details of the request(s). These logs also have an area where your DPO can respond with any comments, and suggested action(s), where relevant. These logs can then be referred back to in the future, knowing that all of the information has been documented and is accurate.

Core DPO Help Desk- This is our main support function, where you can email us with any questions or help you need on any topic to do with data protection and our services, from asking our advice on dealing with a breach, to help with account issues when using the Knowledge Bank. When you email us on, the email enters our ticketing system where a DPO will respond and help with your query.

Compliance Manager- This area of the Knowledge Bank offers organisations an area where they can upload any documents/forms/procedures (they don’t specifically have to be GDPR related). Your organisation can then assign the document to a member of staff, or multiple members of staff, and ask them to read it. Once they have done so, there is a ‘read and understood’ function that tells the organisation the number of staff that have read and understood the document. There is also a ‘used in practice’ function that works the same as ‘read and understood’.

Record of Processing- Under Article 30 of the EU GDPR, organisations must complete records of processing activities, such as the process of sharing data with third party suppliers. This is to identify the life cycle of the data that is shared- what types data is shared, how it is stored, what protection there is in place etc. Our RoP tool allows you to map in great detail the different steps involved for any processes that your organisation undertakes when it comes to using/sharing data in any way. 

Redaction- Our redaction tool is generally used for subject access requests, where you may need to redact information that is about a data subject other than the individual who has submitted a SAR. The tool allows you to upload any document, and then redact any of the text by highlighting it. Once you’ve made the necessary changes, you can then download the redacted version to use how you wish. The redaction tool can be used independently, or you can ask us for some support using it.

Fishing Simulations- The fishing simulation tool allows your organisation to send spoof email scam simulations to members of staff, as a training tool in raising awareness of emails that can contain harmful software. Your organisation can then see the number of staff that opened the spoof email, as well as the number of staff that clicked on the ‘harmful’ link in the email. With the ever increasing number of cyber attacks, particularly in the education sector, this can be a powerful tool in ensuring staff are vigilant when receiving emails and opening up attachments that could potentially be harmful.

Training

Online Course- On the Knowledge Bank we have a number of online training courses that staff can complete, which are data protection oriented, and each one focuses on a different aspect. Our main, and longest training course is GDPR 101, which provides a basic understanding of the general principles of GDPR. The others that we offer are shorter 20 minute or so courses on things from data breaches to working from home. Any staff member can complete any of the courses, and once they have completed them they receive a certificate to their registered email address. The courses are great for ensuring that staff are aware of their requirements when it comes to being GDPR compliant, and the risks they should be aware of.

Reports- The report function allows an organisation to monitor staff training levels and receive email notifications depending on the seniority level of the user.

Certificates Log- An area that has DPE’s own certificates. There is also the option for you to upload your own certificates, which can then be assigned to members of staff.

Best Practice Library

Key Topic Area- Our Best Practice Library has extensive coverage on numerous topics related to being GDPR compliant, from breaches, sars and foi’s to clear desk policy, biometrics and working out of school. Each area on the Best Practice Library offers our guidance on that topic, with any relevant documents and information, a checklist for your organisation to work through and ensure you are completing, as well as an faq area, and the opportunity to ask us a question relating to that topic, which we’ll answer for you. 

Data Protection Education Model Policies- We also offer organisations an extensive list of model policies and procedures, which your organisation can download and edit as you wish, including your organisation name and making any relevant amendments to certain provisions.

You can then use this as your own across your organisation. Should you have your own policy/procedure in place, we can also review them to ensure they have everything in them that needs to be there.

Compliance Checklist- This allows you to monitor your organisation’s compliance with data protection regulations, plan the areas you need to work on/complete, and check off the things you are already compliant with.

Using the Knowledge Bank- And to tie all of these areas together, we have help videos and guides on how to use the different capabilities and get the most out of the Knowledge Bank. We’ll be building these videos up in the future, so it's worth a regular check if you are unsure on how to best use a specific function of the website.

Content

Webinars- On the events page on the Knowledge Bank, we have and will continue to add webinar events on different topics, which anyone can sign up to for free. They all take place online and will last around an hour. 

Written Content- We also have regular written content uploaded to the news page which involve different blog posts, key data protection news articles, as well as articles breaking down any new legislation and guidance as they happen.

 

Subscribe to our newsletter

Please enable the javascript to submit this form

Search