Services
Workshops
Profile
Articles
Links
Contact

Privacy Training Needs Assessment

By Scott Crosby, President, Sysanova Ltd.

This is the second article in a series. The first article outlines the considerations for a strategic approach to privacy training. This segment deals with the privacy training needs assessment.

So what’s the big deal? Your company has a privacy policy. Individuals can expect your personal information management practices and security measures to keep you to your word and your lawyers are fully prepared to assess and act on potential non-compliance issues. Why do you need to think about staff training?

Your company possesses personal information and will continue to collect, analysis, collate, review and use that data. How do you ensure that those actions not only comply with the Personal Information Protection and Electronic Documents Act and other privacy laws, but also demonstrate to your clients and workforce that as a corporate entity, you understand the concept of privacy and can leverage it for corporate advantage?  You train your staff.

Training needs to be focused,  targeted and integrated to the needs of the corporation and any ongoing training or staff awareness initiatives. The need for training must be identified so that the curriculum can address the specific need and so that an assessment of the success of the training can be accomplished. 

The big picture is a good place to start. Consider the nature of the company, its core business, its delivery mechanisms, it direction and its culture. Corporate presence helps position a company in a competitive environment, including the size and location of the workforce. This is a scoping effort that will provide the components to plug into a Privacy Training Needs Assessment Matrix (PTNA).

The following PTNA matrix [link opens in new window] will help to determine what groups need what training. Completing this matrix will require some information gathering and research, but it is important that the road is mapped out before proceeding. The result of this matrix will be a sketch of the curriculum that will be followed. The matrix below is illustrative only. It demonstrates how each box requires some background work which together forms  the bigger picture.  If needed, a costing column could be added to indicate the budgetary requirements.

This matrix helps to reveal the learning needs of each group of employees. It does not detail the individual curriculum, validation tools or specific workgroup goals, but it does create a starting-point needs assessment.  Considering that privacy training is a horizontal issue that nearly everyone needs to hear about, the needs assessment is very comprehensive in scope, but less so in content. Workgroups will encounter privacy management at different levels, so it is critical that in this assessment phase, the frequency, relevance and complexity of privacy in individual work groups is analyzed so that the needs can be better determined. Content will be detailed in the specific curriculum development.

Once a training strategy is approved and this matrix forms a fundamental part of a plan, costing and timing can be better analyzed and the workgroup specific sessions can be mapped out.