New service to measure the effectiveness of data protection training

TRUMBULL, CT USA — November 19, 2020 — Widespread employee confusion around new data protection regulations could be placing businesses at risk of hefty fines and reputational damage. Questionmark, the online assessment provider, has launched a new service to help employers ensure their staff understand the latest regulations and that data protection training is working.

Earlier this year, the California Consumer Privacy Act (CCPA) established unlimited financial penalties for organizations that do not manage the data of California’s residents lawfully. The regulations are likely to affect any organization that does business across the United States (US).

The ground-breaking privacy law gives citizens a similar level of protection to the General Data Protection Regulations (GDPR) within the United Kingdom (UK) and European Union (EU). Since its introduction, more than €158 million[1] in fines have been made.

The risks to an organization of not complying are not just financial. Four in five (80%) consumers would rather do business with organizations that protect their personal data.[2]

The vast majority (88%) of data breaches are caused by user error, highlighting how important it is for employers to ensure that staff understand what is expected of them.[3] Leaders must ensure that data protection training is working.

To help employers navigate the growing risks of a data breach, Questionmark has released two separate services.

  • CCPA for business professionals is a ready-made assessment that ensures employees understand the data regulations that now apply in California
  • The GDPR basics assessment covers the general principles of the EU and UK’s data regulations

Lars Pedersen, CEO of Questionmark, said: “Many employers have introduced training on data protection to ensure staff understand the latest rules. But is that training working?

“Our new services can identify areas of strength and weakness across the organization. Employers can make better decisions about training. They can use the results of the assessment to demonstrate compliance to regulators and build trust with customers. They can reduce the risk of swingeing fines”

The results give employers documented evidence of training and testing to demonstrate compliance to regulators and stakeholders. Testing whether training has worked can give clients and customers confidence that their data is being handled lawfully.

Both services have been created by the Questionmark legal and privacy team. All of Questionmark’s privacy team are certified by the International Association of Privacy Professionals.

Learn more about the CCPA for business professionals assessment.

Learn more about the GDPR basics assessment.


[1] https://www.helpnetsecurity.com/2020/07/16/gdpr-fines/

[2] https://riskonnect.com/uk/governance-risk-compliance/enforcement-is-coming-how-ccpa-fines-compare-to-gdpr

[3] https://cisomag.eccouncil.org/psychology-of-human-error-could-help-businesses-prevent-security-breaches/#:~:text=A%20joint%20study%20from%20Stanford,if%20organizations%20judge%20them%20severely