The Environment Agency collects and uses a wide range of personal data about its staff and customers. The aim of this project was to improve and maintain the Environment Agency staff’s understanding of their legal obligations to process personal data in accordance with the Data Protection Act 1998 (DPA) and the Security Policy Framework (SPF). It built on the high-level annual security training which is mandated by the SPF and focused on the parts of the legislation that are most relevant to the day-to-day experiences of staff.
The overall aim of the project was to:
The e-learning was delivered to staff working in core functions, who regularly handle large volumes of personal data; but was also promoted and rolled-out to all staff and functions that process personal data (even at low volumes) and whose roles fall within the scope of the DPA.
The structure of the e-learning was arranged to create a natural flow through the key messages and objectives underpinning the main learning points. The structure allowed learners to breakdown the learning into bite-sized, manageable and relevant modules that deliver the objectives in a learner-friendly and clear manner.
Case studies or examples of real life scenarios were used throughout the course to place the key learning outcomes in a realistic context. This allows learners to identify with the situation and data protection processes by using active learning focused on the investigation and resolution of real-world problems. In order for this course to be effective, learners must readily see its relevance and meaning to them, their work and the Environment Agency as a whole. By constructing the learning around real-life examples, we will position the learning firmly within the ‘real-world’ to help facilitate the transfer of knowledge and skills to the workplace.