We are excited to introduce our hot-off-the-press Data Privacy Training! With several new data privacy laws coming into effect in 2023…are you and your employees ready? Preparing for these upcoming changes is like preparing for winter for the first time as an adult. You know it’s coming, and you know you need to prepare. But what exactly do you need to do, and when? You may be wondering:

  • Do your employees need Data Privacy Training? Or a refresher course?
  • Do you need to update your company policies?
  • Does everyone need to do it?
  • What topics should a Data Privacy course cover?

Have no fear, we’ve got you covered. Supporting Legal, HR and Compliance leaders to help train their workforce on relevant laws is what we do. We just so happen to do it with cringe-free, modern compliance training.

What is Data Privacy Training?

Data Privacy Training is generally designed to teach employees the basics of data privacy and data security, and also educate employees about their roles and responsibilities in processing the personal information they encounter in the workplace (whether it be the personal data of customers, clients, employees, or others).

  • Data privacy laws are becoming more prevalent in the U.S., including in states like California, Colorado, Utah, Connecticut, and Virginia. Unlike Harassment Prevention Training however, where state laws outline specific topics that must be covered in training, data privacy training requirements often establish a general training requirement, but don’t specify what exactly must be covered.
  • Employees should be trained on their company’s specific policies and procedures related to data protection, but it is also important for employees to understand the basic principles of data protection and data security as well.
  • The more your employees understand the expectations for the proper handling of personal data, the better. There are countless examples of companies of all shapes and sizes who have been impacted by improper handling of personal data.

Do your employees need Data Privacy training?

It depends. Some companies are required by law or contract to provide some or all of their employees data protection training. The International Association of Privacy Professionals (IAPP) gives general guidance on what states will be enacting these laws, and who is exempted or possibly affected.

But regardless of whether your company is required to provide training, it is generally a best practice to educate your workforce on data protection principles, and to teach them how to properly handle personal data in their possession.

Why Should You Offer Data Privacy Training?

Regardless of whether your company is subject to data privacy laws in the U.S. or abroad, or is otherwise required to provide training to your employees, it is still a good idea to be proactive in your data privacy training efforts. It’s kind of like buying a snow shovel to prepare for winter…before the first snowfall is forecasted. Here are three reasons to implement data privacy training now regardless of any specific requirement:

1. Educate employees

Data privacy training helps employees understand the legal landscape of data privacy both in the U.S. and abroad. It gives you a chance to share your company’s policies and best practices for the proper handling and transmission of personal data. It is also important to tell employees the importance of protecting personal data from any security incident, as well as where to go and what steps to follow in the event of such an incident.

While it can be difficult to ensure that all your employees, including new hires receive their training, Ethena can help. With configurations to recommend Data Privacy Training to certain employees, we take this manual administrative work off your plate (ie, we come ready with a snowplow so you don’t have to shovel).

2. Signal you take Data Privacy seriously

Implementing data privacy training on your own volition is a signal to employees, shareholders, regulators and the public that your company and leadership takes data protection seriously. It helps ensure your company is taking the proper steps to help protect itself from legal and financial risks associated with the mishandling of data.

3. Repetition builds retention

Conducting data privacy training refresher courses annually can be a good proactive step to keep data handling best practices top of mind. With Ethena, this can be done easily. Three continuous learning modules are available in the Data Privacy content library and are ready for manual assignment. Want to set it and forget it? Enroll your learners in recurring continuous learning to receive two short trainings automatically throughout the year.

What topics are included in Ethena’s Data Privacy course?

With Ethena, we’ve got you covered. Our Data Privacy course covers the below topics, and we still have more add-on microlessons in the works!

​Course SectionLengthTopics
Core Curriculum Module25 minutes​• Data Privacy Introduction
• Privacy Basics
• Legal Landscape (GDPR, CCPA/CPRA)
• Data Rights
Optional Continuous Learning Microlessons3-7 minutes​• GDPR Deep-Dive
​• CCPA/CPRA Deep-Dive

Role Specific:
• Data Privacy & Sales
• Data Privacy & Marketing
• Data Privacy, PHI, and HIPAA

What sets Ethena’s Data Privacy course apart?

At Ethena, we’re committed to compliance training that changes workplaces. We were founded on the principle of not making mere “check-the-box” compliance training. So let’s dive into what sets Ethena’s Data Privacy course apart.

1. Role-Specific Data Privacy Training

Certain departments are more likely to handle personal data than others. And so we’ve developed training modules that are more tailored to their specific job duties.

Data Privacy & Sales

This course goes into best practices for properly sourcing and storing business contact data, as well as outreach requirements, data minimization, and storage limits. Additionally, it covers sales best practices as actionable takeaways, like screening against “do not call” registers before telephone marketing, and including opt-out links in email marketing – to name a few.

Data Privacy & Marketing

For our marketing course, we also cover topics like the Telephone Consumer Protection Act, email marketing laws, cookie-based marketing, and other topics. The actionable takeaways from this course cover marketing best practices such as checking local opt-in requirements for email marketing, creating and maintaining marketing suppression lists, and more.

2. Short modules that keep employees engaged

Ethena has been long committed to delivering content in innovative mediums to help employees learn. In our new Data Privacy course, we’ve broken the topics into short modules that are designed to keep employees engaged. We’ve added multimedia components along with a new storytelling format that we’ve never done before. This course curriculum is the first of its kind where the illustrations follow a narrative story throughout each module that an employee can follow, helping them retain and stay engaged with the training content longer.

Illustration by Megan Ruiz. IG: @Meganroseruiz, www.meganroseruiz.com

3. Realistic workplace scenarios

Preparing your employees for realistic workplace scenarios is where Ethena shines. No more dramatic black and white situations where the answer is obvious in training, but is not so obvious in a workplace setting. We believe the “gray area” situations need to be addressed, and your employees need to know best practices for handling these situations when they arise. Our inclusion-first lens to training makes sure to include a diversity of character names and character types, allowing for modern workplace scenarios to be truly relevant and relatable to today’s teams.

4. CCPA and CPRA training enforcement

Under the CCPA (California Consumer Privacy Act), covered businesses must ensure individuals responsible for privacy compliance or handling consumer inquiries about the business’s privacy practices are informed of applicable CCPA/CPRA requirements.

“Covered businesses” aren’t limited to companies based in California. If you’re doing business online and you’ve got customers in California, this could include you! We cover the CCPA and CPRA in our course, and we update it regularly to reflect changes in laws and training requirements.

Request a sample training today to see for yourself our dynamic approach to modern compliance training. And if you’d like to learn more about configurable Data Protection Training for your company, let’s talk. We might be a good fit!

Ethena: Employee-friendly training that equips and sticks. Button: Let's Talk