The Michalsons Data Protection Programme is a valuable resource for helping your organisation to learn and process personal data lawfully. With it, you can build a culture of data protection within your business and give your people the power and capacity to comply with the law themselves. But the amount of information in it can sometimes be overwhelming, especially if you are busy with your first data protection project. The good news is that we have built the programme in a way that allows both structure and flexibility, depending on your priorities or level of experience. In short, it’s up to you to decide how to use our data protection programme!
How to use our data protection programme
We have had the pleasure of helping more than 50 organisations through our data protection compliance programme, and each one has had its own unique focus, concerns, and prioritised actions. Through all of these projects, we have seen two main paths arise:
Users who blaze through it all
Some of our users want to understand the entirety of data protection law. To do this, they start with our Introduction modules, and proceed through all each module under our four steps of data protection compliance: Learn, Plan, Protect, and Sustain. Each module follows on from and builds on the one before it, helping to build a broad and systematic understanding the law, its effects, and the actions you can take.
This path is useful where you want to know how everything fits together. The users who follow this path are usually:
- large organisations,
- people who don’t know much about data protection law, or
- personnel who want a breadth of knowledge on all data protection issues.
Users who pick out individual pieces
Other users want to understand only those aspects of data protection law that are relevant to their specific circumstances. To do this they usually receive guidance from us, their Information Officer, or their managers about what modules are most applicable to them, and proceed to work through only those modules, regardless of where they appear in the programme. These modules will answer questions on specific areas of data protection law, and help give a focused understanding on what to be aware of in a given situation.
This path is useful where you want to know how one specific area is affected. The users who follow this path are usually:
- small organisations,
- people with a firm understanding of data protection law, or
- specific personnel who have been guided on which modules are most important to them.
Why not both?
We have seen many organisations use the programme along both paths. Often the head of compliance will blaze through the entire programme, and direct other employees to pick out individual modules that apply to their specific circumstances. This is in fact why we provide the programme to an organisation as a group, instead of to individual employees. This allows the organisation as a whole the freedom to work through it in a style that works for them.
It’s useful (and also probably a relief) to know that not every person who is a member of the programme has to work through every module.
Which way is the right way?
We have designed our programme to be a tool that is as accessible as it is valuable. How you use it depends entirely on your own goals for your data protection project. Are you the head of legal and compliance, wanting to work through it step-by-step so get a detailed understanding of the entire data protection ecosystem? Or are you an HR manager, looking for simple answers on how data protection law applies to your specific role? Either way, we have you covered.
What are your thoughts on how to use our data protection programme?