Avoid the Common GDPR Mistakes

The Cyber Governance Health Check Report revealed that only 6% of FTSE 350 companies are properly prepared for the changes to the General Data Protection Regulation (GDPR), including GDPR training.

All businesses in the UK need to adhere to the EU’s updated GDPR legal framework when it comes to data they hold and how it’s used. The deadline date is 25 May 2018, which may seem like plenty of time to prepare. However, it’s such a complex topic with some hefty penalties, that it’s important to start to understand what the changes entail and be well equipped for ahead of the deadline – and this includes GDPR training all employees.

If businesses fail to recognise the regulations and comply, they face penalties of up to 4% of a company’s global annual turnover or £17 million, so it is something all organisations should take seriously, as this size of fine could end a business.

When determining whether a company needs to prepare for the changes to data protection coming from GDPR, there are several quick and simple ways to find out. Firstly, determine whether your company handles or processes personal data. If the answer is yes, and the company is based in the EU, GDPR applies and you should provide GDPR training.

If your company is located outside the EU but undertakes any form of trade with customers within the EU, then GDPR rules will apply to you if you store, process or share EU citizens’ personal data.

The ICO (Independent Commissioner’s Office) has devised a set of 12 steps to help organisations prepare for the changes, which is a useful checklist for those requiring the basic information on GDPR and how to prepare.

So now you know that your organisation needs to be GDPR compliant ­­and you know the basic requirements – what’s next? In our experience, we’ve recognised some key hurdles that companies tend to fall at. But no need to panic – there are often some quick and simple solutions.

Lack of awareness of basic data protection

According to accountancy and advisory company Moore Stephens, “Organisations need to ensure that they fully understand GDPR so that they effectively identify what is required for the organisation to comply. The common theme that we are seeing is a significant lack of awareness of the regulation and this is throughout the organisation from top to bottom. Very often, the lack of awareness is not just related to the incoming GDPR but, more worryingly, concerns the basic data protection principles that the organisation should be on top of and fully compliant with already.

“Our experience to date has suggested that there are major underlying issues within organisations of all sizes in respect of them being a long way away from complying with the current regulation, let alone thinking about what the GDPR will be asking of the organisation. In this scenario, it suggests a lack of knowledge and resource within an organisation to address any data protection issues and it would be recommended that a third party should be engaged to make organisations aware of what is fully required under GDPR and to assist them on the GDPR journey to guide the organisation through to compliance before the enforcement date in May 2018.”

In a recent Webinar, we polled over 100 key decision makers responsible for GDPR compliance about their GDPR training.

  • Only 21% of organisations had rolled out GDPR training.
  • 40% had tackled basic cyber security training
  • However, 82% had provided guidance on the use of Social Media

This reflects the position many of our customers are in. The recent hacking attacks on the NHS and the impending threat of stiff penalties for non-compliance with GDPR mean that organisations are taking Cyber Security much more seriously. They have to, if you have not successfully addressed the basics then the chances of achieving GDPR compliance are negligible.

To address these fundamental issues within a company, it’s imperative that everyone in the company understands the basic principles of GDPR training, while those directly handling data require more extensive GDPR training.

Knowing your responsibilities

While it may seem obvious to some, being aware of the way that personal data is classified is the first action to take when determining a company’s responsibilities. Personal data is any data that can be used to identify the person, such as a name, ID number, location, IP addresses etc. Any personal data a company holds should have appropriate and explicit consent given by the owner for the desired use. The consent must be informed, specific and unambiguous.

The data processing principles are outlined in the GDPR framework. This includes a new accountability principle for data controllers and processers whereby they must be able to demonstrate compliance.

Anyone handling data of EU citizens are segmented into:

  • Controllers – a person, public authority, agency or business that determines the purposes and manner for processing data.
  • Processors – a person, agency or public authority or company processing data either solely or via third parties on behalf of a controller.

Some of the decision making is automatic – it should be apparent if data is held. But communicating the responsibilities of a company requires more time to set clear guidelines and goals for each team. When providing GDPR training to staff, it’s important to trickle down the responsibility to each employee, as anyone working with personal data of any kind needs to be compliant with the changes coming into effect. Another poll reflected this with 73% of organisations preparing everyone for GDPR, however 27% still had a view that the responsibility was siloed in the IT, Finance or legal departments.

Understanding individuals’ rights

The data owner has the right to obtain information from the data controller. They also have the right to know how and where their information is being used. If they do request to know more, the company must be prepared to provide it free of charge. Individuals will have enhanced rights to:

  • Access information;
  • Have inaccuracies corrected;
  • Have information erased;
  • Prevent direct marketing;
  • Prevent automated decision making and profiling;
  • Data portability.

If rights are infringed, individuals can take legal action against data controllers and data processors.

The process of supplying personal data back to the individual needs to be shared and understood by the team controlling the data. Equally, when obtaining personal data, privacy policies need to be reviewed to ensure they are more thorough when GDPR comes into force. Alongside GDPR, The Freedom of Information Act places additional burdens of disclosure on public sector organisations and employees in these institutions will again require additional training.

GDPR is a complicated subject, which is why it’s vital that businesses start to get to grips with the principles and practicalities well ahead of the deadline. It may seem daunting, but with the right GDPR training, organisations can be safe in the knowledge that all staff are educated, and the business is moving towards compliance.

VinciWorks has launched a number of courses aimed at employees of all levels to start their preparations for GDPR. The 50-minute GDPR training course is ideal for all employees to provide an understanding of GDPR so that they can apply the learning and be part of the organisations drive to achieve compliance. There are also eLearning courses covering Cyber Security and Freedom of Information.

Treating Customers Fairly (TCF)

The Financial Conduct Authority (FCA) is the conduct regulator for 56,000 financial services firms and financial markets in the UK and the prudential regulator for over 24,000 of those firms. The FCA plays a critical role in the UK economy ensuring that financial markets are honest, Treats Customers Fairly (TCF), small and large businesses and the UK economy as a whole

What is TCF?

Treating Customers Fairly is an outcomes-based regulatory and supervisory approach. It was implemented to ensure that specific fairness outcomes are delivered by regulated financial firms to their consumers.

The FCA has articulated the essential business principles and appropriate professional culture, it expects from regulated organisations.

1. Integrity – A firm must conduct its business with integrity.
2.Skill, care and diligence – A firm must conduct its business with due skill, care and diligence.
3. Management and control – A firm must take reasonable care to organise and control its affairs responsibly and effectively, with adequate risk management systems.
4.Financial prudence – A firm must maintain adequate financial resources.
5. Market conduct – A firm must observe proper standards of market conduct.
6.Customers’ interests – A firm must pay due regard to the interests of its customers and treat them fairly.
7. Communications with clients – A firm must pay due regard to the information needs of its clients, and communicate information to them in a way which is clear, fair and not misleading.
8. Conflicts of interest – A firm must manage conflicts of interest fairly, both between itself and its customers and between a customer and another client.
9. Customers: relationships of trust – A firm must take reasonable care to ensure the suitability of its advice and discretionary decisions for any customer who is entitled to rely upon its judgment.
10. Clients’ assets – A firm must arrange adequate protection for clients’ assets when it is responsible for them.
11. Relations with regulators – A firm must deal with its regulators in an open and cooperative way, and must disclose to the appropriate regulator appropriately anything relating to the firm of which that regulator would reasonably expect notice.

If your firm is regulated, then your senior management team is required to deliver fair outcomes by recruiting competent staff, providing ongoing training, monitoring employees performance and supplying records of compliance. If a regulated organisation fails to uphold any or more of the above principles, the FCA can investigate, fine and prosecute accordingly.

The 6 Outcomes expected of regulated firms are:

    1. Customers need to be confident that they are dealing with an organisation which places importance on the
    2. principles of TCF.
    3. Product and services meet the needs of consumers and are targeted appropriately.
    4. Consumers are given clear information during and after the point of sale.
    5. Any advice given to the consumer is suitable and relevant.
    6. Consumers are provided with items/services that meet an acceptable standard.
    7. Consumers do not experience any post sale barriers for example, change of product, service provider or poor complaints handling.

Training your staff is a great first step in ensuring you are complying with your TCF obligations. The Treating Customers Fairly online training course by VinciWorks is a course designed to introduce employees who work in the financial sector to the principle of treating customers fairly, so as to raise standards in ways that benefit.

What is a Pandemic and how does it differ from an Epidemic?

An epidemic is an infectious disease that quickly and severely affects a large number of people and then subsides. However, a pandemic is an epidemic that spreads worldwide, or at least across a large region.

Pandemics have posed the most deadly threats to mankind throughout history, claiming more lives than all accidents and wars combined. Tuberculosis, an airborne bacterial infection and smallpox, a viral infection have affected the human population on a pandemic scale for thousands of years.

More recently, in February 2004, the avian influenza virus was detected in birds in Vietnam. This discovery sparked fresh fears of the emergence of new variant strains. There is great concern among experts, that if the avian influenza virus combines with a human influenza virus (in a bird or a human), the new subtype created could be both highly contagious and lethal in humans, causing a global influenza pandemic to occur.

Diseases such as Lassa fever and the Ebola virus have the potential to become pandemics due to their ability to spread and mutate.

In the event of a Pandemic, what should you do to protect your business?

Information and guidance on infection control in the event of a pandemic can be found by visiting the HSE website http://www.hse.gov.uk/biosafety/diseases/pandemic.htm

Additionally, the UK government has invested a considerable amount of money and resource in contingency planning in the event of an influenza outbreak. 

https://www.gov.uk/government/publications/pandemic-flu-guidance-for-businesses

As with all Health and Safety matters, employers have a duty of care to protect their workers in the event of a pandemic break out.

If your staff are not aware of your organisation’s precautions and measures, then germs can spread and cause serious disruption to your company. The Health and Safety Executive (HSE) recommends that precautionary measures are implemented and that employers ensure that their employees practice good personal hygiene.  

Training your staff in Pandemic Awareness will help your company be compliant with the HSE protection guidelines, help refine your health and safety processes and relay specific company policies, so staff are aware of what to do in the case of a pandemic and thus, reducing the risk of cross-infection.

The course explains what a pandemic is, and the difference between that and a seasonal outbreak. The course describes the physical symptoms that might be seen, explores how a virus can spread and provides advice about the actions to take if medical help is required.

The online course highlights the necessity for good hygiene and how this can work to prevent viruses from being spread amongst the workforce. It also looks at vaccinations and at-risk employees.

The course has been designed to support an organisation’s approach to the implementation of control measures and, as with all the VinciWorks offers, the course can be fully customised, enabling your workforce to understand the specific policies and procedures you have developed for your organisation. A designated course administrator can edit the text and images within the course, and link to organisation-specific documentation, all at no extra cost.

Looking for in-depth and engaging business protection training? Explore our comprehensive eLearning library and try any of our courses for free.

New GDPR eLearning Course now available

VinciWorks has launched a new GDPR eLearning course on a topic all companies in the EU need to ensure they are up to speed on this year – General Data Protection Regulation (GDPR).

From 25th May 2018, the new legal framework on GDPR will apply, with businesses failing to recognise the compliance status facing substantial fines. Penalties of up to 4% of a company’s global annual turnover or €20 million – whichever is greater – are expected, so it is something all organisations should take seriously, as this size of the fine could end a business.

With just under a year to prepare, VinciWorks has launched an eLearning course to help businesses ensure their employees understand the principles of GDPR and gives guidance on how to prepare for when the new law comes into effect.

The course is designed to summarise GDPR, how it differs from the Data Protection Act and what responsibilities a business has when working with personal data. The course lasts 50 minutes and validates the understanding with a test that is recorded against the users training profile in the Learning Management System.

First, the course gives an overview of GDPR and who it applies to. Secondly, it familiarises the user with the role they play, what is defined as personal data and how to gain explicit consent.

The next part of the course looks at the practicalities of processing personal data under GDPR and how privacy should be the default, incorporated into the design of systems. GDPR includes a new accountability principle for data controllers and processors whereby they must be able to demonstrate their compliance, so it is important for business owners and HR teams to be aware of how each change in the framework can affect them.

Finally, the course explains the individuals’ rights to obtaining information from the data controller and being aware of what it is used for. If these rights are infringed, individuals can take legal action against data controllers and processors, so it is crucial for businesses to adhere to the law.

Looking for in-depth and engaging business protection training? Explore our comprehensive eLearning library and try any of our courses for free.

Internet Use at Work

Do Your employees know the boundaries of Internet use at work?

Internet use at work can be a minefield.  Electronic communications have revolutionised businesses worldwide and it is now commonplace for many organisations to routinely use email along side, or instead of, the telephone.  Email is cost effective, user friendly, convenient, aids flexible working and reaches across time zones.  The internet offers great opportunities for research, commercial transactions and the possibility of a “shop window” via a website.

The rise of the internet and use of email communication however, can also have a negative impact on both users and organisations.  

Do your employees use email correctly?

Email can be deceptively time consuming.  In many cases, a phone call can be a more appropriate and expedient method of communication than sending a ‘quick’ email.  Email allows us to hide behind our words and, with the absence of nonverbal communication and cues, messages can be wrongly interpreted. Lack of thought and unsuitable terminology may lead to binding contracts being inadvertently created. The confidentiality of emails can be compromised by anyone with the sufficient level of expertise. Relying on email can increase the time spent at our workstations, reducing time to physically move about and socialise with colleagues. Additionally, dependence on email communication may inhibit business relationships, where a human, face to face approach could be more advantageous.

The use of an organisation’s internet and email facility can also be a great way for employees to waste time, cause security issues and costly, legal matters.  A well-thought-out and clearly communicated, internet policy helps employers enjoy the benefits of the internet while reducing the pitfalls. It ensures employees use the internet effectively, states what is and is not allowed, and sets up procedures to minimise risks.  Training staff in the correct use of emails and the internet will help protect your business and your employees.

The VinciWorks Internet and Email Use eLearning Course enables you, the employer, to communicate your procedures relating to internet use to your entire workforce. The online course has been designed to explain guidelines on the correct use of IT facilities as well as the consequences of misuse. It outlines what is included within the category of IT facilities, such as software applications, email, Internet and social media, and how to use them appropriately.

The course looks in detail at what might be considered inappropriate. Topics here could include copyright infringement, breaches of confidentiality and/or data protection, accessing obscene and/or illegal materials, defamation, contractual liability, and engaging in discriminatory behaviour. The online course also explains the responsibilities of your employees to ensure the security of IT equipment, both in the office and, for mobile equipment, in other locations.

Like all VinciWorks courses, the Internet and Email Use eLearning course can be customised to meet your needs, enabling your workforce to understand the specific policies and procedures you have developed for your organisation. A designated course administrator can edit the text and images within the course, and link to organisation-specific documentation, all at no extra cost.

Equality and Diversity Policies: What is Workplace Discrimination

Creating a working environment that embraces all people free from discrimination, is a continual challenge for employers. As responsible employers, you have a duty to provide equality and diversity in the workplace where employees and customers are treated fairly and equally regardless of colour, race, age, gender or belief and valuing the differences and diversity each individual brings to your business.

What is discrimination?

Discrimination can be direct or indirect.  Direct discrimination can involve treating someone less favourably than others due to their certain characteristics.  Employees can be discriminated against indirectly in the workplace for example, by the creation of policies that put individuals with certain characteristics at a disadvantage.  

How widespread is discrimination?

According to Business in the Community, the gender pay gap is still an issue, with a median full-time difference of 9.4% – for every £1 earned by men, women earn 81p. 16% of Black, Asian and minority ethnic individuals have experienced racial harassment from their managers. Further, UK Government statistics show that 19% of disabled people have been treated unfairly at work, compared to 13% of non-disabled people.

According to ACAS, there are key steps both SMEs and large organisations can take to ensure discrimination is not fostered in their workplace.  Implementing a clear Equality and Diversity policy outlining business expectations and acceptable behaviour is critical in creating a successful working environment.  

An action plan promoting equality and diversity across the organisation and a system of measuring its impact, should be central to your commitment in addressing inequality and promoting diversity.

What should be included in your Equality and Diversity Policy?

In line with the Equality Act 2010, an effective policy should outline the following 9 protected characteristics; age, disability, sex, sexual orientation, race, religion or belief, gender reassignment, marriage or civil partnership and pregnancy and maternity.  A successful policy should display the organisation’s aims for eradicating prejudice and how to create fair treatment, by creating a positive and supportive environment, providing equal opportunity regardless of characteristics, promote diversity in the workforce and be responsive to changing demographics and work patterns.

Enhancing awareness of the benefits of having a diverse workforce is fundamental.  Greater diversity brings new approaches, skills and innovation to your workplace. Flexibility and equality can bring enhanced team spirit, more engaged employees and boost business reputation.  

Both employers and employees have a joint responsibility in creating a culture of respect.  Training all staff is key step in achieving equality and diversity.  

Vinciworks offers an Equality and Diversity eLearning Course which explains the importance of the Equality Act 2010 to the workplace and highlights the need to ensure that there is no discrimination in your organisation, regardless of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion and belief, or sex and sexual orientation.

As with all our courses the Equality and Diversity eLearning course can be tailored to the needs of your organisation, at no additional cost. Your course administrator can update text and other course content using our integrated authoring tool, and link to specific policy documentation, so you can be assured that the principles of your Equality and Diversity Policy will be clearly communicated to your staff.

Cybercrime: 5 effective tactics that can help to protect your organisation

Cybercrime: The growing menace

Over the last few decades crime has changed.  Traditional crimes such as theft and burglary have declined and criminal gangs have taken a digital road, exploring and exploiting new opportunities, those offered by the Internet, the ever-expanding world of e-commerce and online banking.

Nobody really knows how big Cybercrime is but, there were an estimated 3.6 million cases of fraud and two million computer misuse offences in a year, according to an official UK survey.

Anyone can be a target.  Criminal gangs attack individuals, small businesses and large corporates, in equal measure, seeking to profit from compromised data.

News coverage in the last few days has reported the severity of a recent global coordinated ransomware attack which, caused widespread chaos across the National Health Service and hit hundreds of thousands of computers in 150 countries from Russia to Australia. Affected NHS trusts have been criticised for not updating their Cybersecurity, despite warnings from NHS Digital a month ago that they were vulnerable to a possible attack.

Are you aware of the threat of Cybercrime and is your business appropriately protected?

Increasing your knowledge of Cybercrime, maintaining security measures and implementing good security practices, will go a long way to defend malware (malicious software) and reduce the risk of attack. Almost every business relies on the confidentiality, integrity and availability of its data. Protecting information, whether it is held electronically or by other means, should be at the heart of an organisation’s security planning.

There are 5  things you should be doing right now to protect your business:

  1. Ensure staff have been trained on how to identify suspicious emails and understand what to do if they receive one.
  2. Have every PC in your organisation checked that it has had anti-virus / anti-malware software installed.
  3. Check your anti-virus software is up to date with the latest database.
  4. Check that updates have been applied to the operating system of all computers in your network.
  5. Ensure you have a Cyber Security policy in place and check all staff have read, understood and signed off the policy.

By training your workforce and raising awareness you will reduce the risk of being a victim of cybercrime.

The VinciWorks Cyber Security Training Course has been designed to explain the importance of digital information and also discusses the necessary steps we can all take to reduce the risk of Cybercrime.

Different types of Cybercrime are highlighted and explained within the course, including various forms of viruses, worms, adware, spyware, and malware. Being aware of Social Engineering and the tactics criminals use to trick users into providing access or personal information will help employees understand that basic safety checks, safe use of the web and of mobile phones are fundamental in staying safe online.  Users will understand the importance of Virus checks, secure passwords, user accounts and browser safety.  Additionally, the safe use of devices in public areas is also discussed.

As with all VinciWorks eLearning courses, this Cyber Security Training Course can be customised to meet your individual needs.  A designated course administrator can use our integrated authoring tool to edit the text and images within this course and link to your organisation’s specific documentation, all at no extra cost.

Looking for in-depth and engaging business protection training? Explore our comprehensive eLearning library and try any of our courses for free.

Disciplinary Procedures: When does misconduct become “Gross”?

Disciplinary Procedures:

‘Misconduct’ in the workplace refers to unacceptable or improper behavior.  This includes failing to reach performance goals and business expectations, persistent lateness or unauthorized absence from work.  Misconduct is classed as ‘gross’ when the behavior is more serious, for example, physical violence, insubordination, theft and gross negligence.

An organization’s Code of Conduct should outline important information and guidance on the expected levels of behavior, responsibility and practices within the workplace.  This set of rules is a means by which an organization or party can communicate appropriate standards of conduct between colleagues, service users and clients.  Furthermore, it sets out ethical and legal requirements.

Recruiting and retaining the right staff for your business can be a difficult task.  Having a clear and achievable staff performance plan, outlining goals and expectations is essential. This plan should be effectively communicated and agreed with all your employees.  With management support and training, your employees will have the opportunity to be a positive and productive part of your organization.

All businesses over time, will encounter poor performance and misconduct issues.   

Making sure discipline is maintained is very important but, how can it be fair and transparent?

The level of discipline required will be depend on the seriousness of the misconduct. Dealing with misconduct, in an appropriate manner and following company procedures, will ensure your workers are treated fairly.  

How do you arrive at fair Disciplinary Procedures?

All businesses should have a Disciplinary policy and Code of Conduct in place.  As with all policies, this should be available to all employees, clearly defining company expectations.  With workplace and regulatory compliance becoming more and more important, ensuring that staff have read and understood your organization’s policies and procedures is fundamental.

A Disciplinary policy should be in line with ACAS guidelines. It must state what type of performance and behavior may lead to disciplinary action and what action your employer might take. It should include what constitutes misconduct, gross misconduct and grounds for dismissal. Additionally, it should specify the name of someone an employee can speak to if they don’t agree with their employer’s disciplinary decision. The policy should state different stages of a disciplinary procedure, rights of your workforce both for representation and to raise an appeal if action is taken.

Employers often spend a large amount of time drafting a fair disciplinary policy, but fail to give the same attention to training their staff to put it into practice.

Managing poor conduct or performance can be a challenging task. Making sure your managers are adequately trained will help your business maintain discipline and provide an acceptable and transparent disciplinary process.

The VinciWorks Disciplinary Procedures eLearning course provides guidance on disciplinary procedures that are required within a workplace to ensure the fair treatment for those whose conduct or job performance does not meet acceptable levels. This course allows your organization to communicate your disciplinary procedures to all employees.

As with all our online courses, this VinciWorks Disciplinary Procedures eLearning course is SCORM Compliant and can be customized to meet your needs. This means that it will cover your specific policy, rather than deal in generalities. Your designated course administrator can edit the text and images within the course using our integrated authoring tool and link to organization-specific documentation, policies and procedures, all at no extra cost.

Click here to request a free trial today

Are Your Employees Trained to Spot the Signs of Modern Slavery

Modern Day Slavery

Slavery is a term most people associate with events long consigned to the annals of history. However even today, millions of men, women and children around the world are forced to work in indentured servitude as slaves in the modern era.

Statistics released by the National Crime Agency (NCA) show there were 3,805 people referred for help in 2016 – up from 1,745 people in 2013. Home Office estimates suggest there are between 10,000 and 13,000 victims of modern slavery in the UK. This does not include anyone affected further down the supply chain in other countries.

It’s easy to think that slavery doesn’t happen where you live or work.  It might be your organisation could encounter or even employ a victim of slavery without even realising it…

UK Sectors most at risk from Modern Slavery

In 2016 the government launched “Operation Magnify” a cross-government initiative aimed at clamping down on illegal workers by targeting specific “Risk Industries” these included; Construction, The Care Sector, Catering and also Taxis and Private Hire.

Slaves are working in restaurants, nail bars, car washes and as domestic help, and can be invisible to those who think “slavery doesn’t happen where I work and live”.  If you operate in these sectors it is now even more important that your organisation understands the legislation and employees are trained to spot the telltale signs of modern slavery.

Modern Slavery Act 2015

With penalties that can include prison and fines that have exceeded £20,000 per illegal worker, there is much more than a simple moral imperative to ensure that your business knows who it is employing and can prove they are working legally and not under duress from a third party.

The provision in the Modern Slavery Act for transparency in supply chains takes the obligations beyond direct employees and is clear that it is not acceptable for an organisation to say that “they did not know” or to ignore and supply chain issues because they were too complex or difficult to uncover. A complex supply chain spread over different countries and with various suppliers contributing to the final product or service can make it difficult to detect slavery beyond the first tier of suppliers. A recent example of this is the shrimp in supermarkets traced back to suppliers using forced labour in Thailand. This can mean additional training demands that extend to backroom functions like Purchasing and Procurement as well as those in HR, Payroll or on the front line.

Training Staff to spot Modern Slavery

As part of its Business Protection Pack, VinciWorks have now introduced a course to specifically address modern slavery. Enterprise customers can have this SCORM compliant, fully editable course added to their Learning Management System or deployed using the WorkWize LMS from VinciWorks.
Looking for in-depth and engaging business protection training? Explore our comprehensive eLearning library and try any of our courses for free.

Training staff to prevent workplace bullying and harassment

Workplace bullying – The Equality Act 2010

According to ACAS, Bullying is defined as ‘offensive, intimidating, malicious or insulting behaviour, abuse or misuse of power through means intended to undermine, humiliate, denigrate or injure the recipient’.

Harassment, defined by the Equality Act 2010, is regarded as any form of behaviour that makes an individual feel intimidated or offended.  This includes “unwanted conduct related to a relevant protected characteristic, which has the purpose or effect of violating an individual’s dignity or creating an intimidating, hostile, degrading, humiliating or offensive environment for that individual”.

Bullying and harassment can occur face to face, via telephone, email or letter.  With the rise of social media, cyberbullying is becoming more commonplace.

What kind of impact can bullying and harassment have on a workplace?

Bullying and harassment in the workplace can be extremely detrimental to the workforce; the impact the economy has been estimated at £13.75 billion for absenteeism and turnover and 1.5% reduction in overall UK productivity, which equates to around £17.65 billion.

ACAS report that managers reporting grievances concerning bullying and harassment has risen from 7% in 1998 to 11% in 2011.  

Workplace bullying can lead to ill-health and work-related stress, it affects morale and is the cause of untold misery to workers.

Everyone has the right to enjoy a respectful and positive working environment.  A

C6E4GF USA, New Jersey, Jersey City, Young woman working in office. Image shot 2011. Exact date unknown.

s employers, you are responsible for providing safe and healthy surroundings, where your employees can enjoy a bullying and harassment-free working experience, not just in the office but, in areas where work is performed. This extends to training, conferences, social outings and work parties.

Additionally, employers can be liable for third party bullying and harassment, for example, where a client, customer or other stakeholders of a business can harass an employee.

Workplace bullying – What should employers do?

Time spent understanding your responsibilities and proactive planning will provide long term benefits for you and your employees.  Attitude, policy and training are key elements for your success.

Leading by example will help influence behaviour, attitude and the thoughts of others.  A clear Bullying, Harassment and Grievance Policy should be implemented and effectively communicated to and understood by, all employees. Your policy must send a clear message to all employees that workplace bullying is unacceptable and will not be tolerated.

Employees need to know what procedures to follow and who to consult if they have been affected by bullying and harassment in the workplace.  Similarly, line managers need to be aware of what to do if an employee seeks help.

What kind of training is available?

Training your staff is fundamental in providing your employees with the necessary knowledge, information and guidance to help reduce and manage bullying and harassment in your organisation. Training should be ongoing and reinforced periodically by reminders for all employees.

Training courses come in many forms. Interactive eLearning is a green and cost-effective way of educating your workforce, 24/7 and in any location.  Online courses grant greater accountability and audit capability to help break down training barriers to ensure businesses embrace your learning agenda.

VinciWorks Equality and Diversity Training draws on real-life examples and illustrates the significance of an anti-bullying and harassment policy and the importance of an appropriate complaints procedure.

As with all the VinciWorks courses, the Equality and Diversity course can be customised to meet your needs, enabling your workforce to understand the specific policies and procedures you have developed for your organisation. A designated course administrator can edit the text and images within the course using the integrated authoring tool, and link to organisation-specific documentation, all at no extra cost.

Once the course is completed, users will be required to take a final test consisting of as default, 10 required questions out of a bank of 20 questions.  The course administrator within your organisation can set a pass threshold, depending on your requirements and decide to implement the random test question feature. On successful completion of the test, users can download and print a certificate.

Looking for in-depth and engaging business protection training? Explore our comprehensive eLearning library and try any of our courses for free.