Livia Dyckhoff shares her top tips on how to bring the key principles of the Data Protection Act alive.
I start off with getting the trainees to brainstorm as many different sorts of data as they can think of with regards that a customer might provide:
- Name.
- Date of birth.
- Shoe size.
- Meter reading.
- Religion.
- Address.
I then get them to break down the different pieces of data into categories:
- Highly sensitive (e.g. debt balance).
- Sensitive (name/address etc).
- Not sensitive (meter reading).
- Not relevant to the company (e.g. religion/shoe size).
This often sparks off a healthy discussion (for example what would be classified differently in a different type of company) - always a good learning experience!
2 Responses
Feedback
Thanks Livia
I will use this the next time I do a session.
Very useful and practical.
I use the following exercises :
I start with a list of 5 True or False questions – The answers are all false – so it makes delegates think and opens their mind to what else they might believe to be a myth.
For the principles – I get them to draw the principles in pictures without using any words. They use scented markers so it engages a number of senses. The fun starts when they have to feedback to the other groups. I’ve found some fantastic examples.
Good luck.
Nitin Parmar
EQ Training
an intersting start which leads to…
… a quick session on summarising the differences between sensitive & non-sensitive data (there’s just two types under the act, or three if you include personal infomraiton that isn’t protected), and the variations in treatment of personal & commercial data, on & offline, and then into the difficulties & confusions in applying the act clearly…
and into an assessment of how fit/unfit the organsiations policies and practices are in applying these standards.
And then a look at what the organsiation’s customers actually expect!
hth
Will