People need GDPR training

Privacy Kitchen, Keepabl’s free training channel on YouTube for GDPR and all things Privacy that we started in lockdown for our Privacy community, is more popular than ever, closing in on 55,000 views! We take a look at why, more than ever, the world needs a helping hand when it comes to Privacy.

Why Privacy Kitchen?

Through all our market interactions since our launch in 2017, we kept seeing 3 very big issues for Privacy compliance.


#1 Most people dealing with GDPR for their organisations are not Privacy professionals. They’ve been thrown GDPR because they’re in IT, Security, Ops or Compliance (let’s call this person Jo).

Cisco’s 2022 Data Privacy Benchmark Study confirms that Privacy is handled by IT, Security, Ops or Compliance in 90% of cases. 

In our work with the mass- and mid-market over the years, we believe this is nearer 100% in that segment, and that organisations tend to look for the nearest operational role, something linked to tech, data or Security. In rarer cases, we’ve also seen Privacy sit with HR and Office Managers.

Cisco say 9% is with Legal, but they’re most likely Corporate or Employment lawyers in the same boat, and Legal only tends to appear in organisations after they reach a certain size, unless they’re regulated. Plus in-house Legal tends to be advisory rather than operational.


#2 The rest of the organisation feels instantly happy that Jo has Privacy covered and all is good in the world – nothing else to do, right?

We see this all the time! Everyone is delighted that ‘GDPR is sorted’ because Jo’s got it covered. People are desperate to hand off GDPR and move on as they did before. However, when you think that Privacy is as big an area as Security, it quickly becomes apparent you can’t avoid rolling your sleeves up as an organisation and getting stuck in.

And both GDPR and lockdown have rapidly changed this ‘inertia view’ in organisations: 

  • all the GDPR myths were blown up by early 2020 – no, ISO 27001 does not get you GDPR compliant, but it really helps with <link to 7 Principles vid>1 of GDPR’s 7 Principles<link to 7 Principles vid>.
  • all the enforcement that people were waiting for came through in lockdown – big time. And the biggest fines by dollar and by number, by a margin, are not about Security but other aspects of Privacy.
  • Covid lockdown measures made everyone think about data protection – the rules that organisations must follow to protect our Privacy. Think of all the discussions around giving your name and number to a bar or restaurant.
  • Brexit finally took effect, with lots of public discourse around whether or not the UK would receive an adequacy decision under EU GDPR to protect the billions of trade based on data transfers.
  • Schrems II happened, making it generally illegal under GDPR to use US cloud providers who can see your personal data in plain text. See the 2022 decisions from European regulators that transferring personal data to the USA through use of Google Analytics (as used in those cases) is illegal in the EEA.

If you’re using Google Analytics (like most companies) and are unsure how to proceed, check out our Privacy Kitchen video on the topic. We’ve got some great GA alternatives there for you.

  • Remote working isn’t going anywhere, and it’s made organisations accelerate the move to the cloud, and focus on Security and Privacy of their own and their customers’ data in this new work paradigm.
  • Organisations have seen the <link to our ROI/business benefits blog>incredible benefits from good Privacy<link to our ROI/business benefits blog>. That excellent 2022 Cisco study confirms Privacy’s growing importance:
    • 91% of companies surveyed stated that their customers would not buy from them without showing adequate data protection
    • 94% noting that they now report on Privacy metrics directly to the Board
    • 14% of respondents showed between 3 to 5X ROI on Privacy spend – an average monetary value of USD$3m
    • over 60% reported reduced sales delays and improved operational efficiency, and 70% of respondents said solid Privacy makes for a more attractive company. 

In Cisco’s words, “Invest in Privacy – it pays off!


#3 Jo is feeling incredibly vulnerable! They’re a professional in their sphere, but they know they don’t know enough about Privacy. With limited time and resources, they’ve a real need for practical information and support to operationalise Privacy.

Sadly, this hasn’t changed over the years! In fact, we’re seeing this more and more as organisations are now moving at speed to good Privacy compliance. 

So we focussed Privacy Kitchen on helping those looking after Privacy for their organisation to move forward, to understand all the industry jargon and practices, and to simply operationalise Privacy.

We want to take away the Privacy stress for Jo, and help them look like a superhero in their organisation! That means they’ll also be managing Privacy risk, achieving compliance (a continual-improvement journey), and helping their organisation look like a superhero to their customers, partners, investors and auditors.

Our Privacy Kitchen channel is a great way to get free information around key topics, simplifying complex Privacy concepts so that you can apply them in the real world – the working world is the real world, right?

We’ve just zoomed past 54,000 views, which we’re super proud of. It’s all down to an increasing appetite for Privacy. We continue to serve up a smorgasbord of easily-digestible Privacy content across a range of Privacy issues.

(Privacy Notice: Privacy Kitchen videos are native on LinkedIn and hosted in our YouTube channel. By clicking to view our videos, you’ll be accepting YouTube’s Privacy Policy and their use of cookies)


Privacy and ESG

Organisations are increasingly aligning Privacy and ESG to make a stronger commitment to the protection of their customer data in order to build Trust. 

To develop an ESG strategy that accommodate Privacy, a better understanding of its core concepts is key, and according to our own research Privacy Kitchen is proving perfect for that! 

The Cisco study we referenced earlier highlighted that 71% of companies benefited from investing in Privacy due to the loyalty and trust that it promotes – something an ESG strategy also strives to achieve. 

This makes perfect sense when you consider the level of mistrust that has developed as a result of “surveillance capitalism”. 

Privacy fits clearly into the ‘Social’ part of ESG as it’s all about respecting individuals. It clearly also sits with the ‘G’ for Governance. And interestingly a Jet Global study documented that data legislation saves the emission of 360 tonnes of Carbon dioxide per day – all thanks to the data minimisation and storage limitation required under GDPR. So it also fits into the Environmental section!

We’re going to look more closely at Privacy and ESG in the coming months in order to help those looking to include Privacy as part of their overarching ESG strategy.

Make sure to sign up to our newsletter using the form below to stay in the know.





Build customer Trust with Keepabl

Why not choose Keepabl as a way to create your instant Privacy Framework focused on GDPR to increase trust with your customers, and maintain and improve your reputation? 

Our award-winning Privacy Management Software allows you to get up and running with ease, with simple data mapping, instant Article 30 Record creation and comprehensive Risk and Breach functionality for peace of mind. And, you can export KPIs, insights and reports on all of this at the click of a button so you can keep the Board and Auditors happy.

Don’t just take our word for it! See how Keepabl helped listed Wealth Management firm Canaccord Genuity Wealth Management improve their GDPR compliance.

Want to get going ASAP? Get your Keepabl demo


Related Articles

UK GDPR Reforms 2021
Blog News & Awards
UK Consultation on Data Protection Reforms 2021

On 10 September 2021, the UK’s Department for Digital, Culture, Media & Sport (DCMS) launched Data: a new direction, a consultation seeking responses on a wide range of proposed changes…

Read More
Have your say on our Data Subject Rights (DSR) solution!

We’re about to build our DSR solution, integrated within our award-winning SaaS solution – and we want to hear from you first!  Take our 9-question survey to become a ‘Roadmapper’…

Read More