GDPR Training for Employees

Computer-Based Workforce Training

GDPR Training

GDPR Training TeachPrivacy 05

GDPR Privacy Training

The EU General Data Protection Regulation (GDPR) requires workforce privacy awareness training.  Under Article 39, the GDPR includes among the tasks of the Data Protection Officer (DPO) “awareness raising and training of staff involved in the processing operations.”

There are three types of training that are relevant in light of GDPR:

(1) General Workforce Privacy Awareness Training  – basic privacy awareness for the entire workforce

(2) Training About GDPR — training that introduces select employee groups to GDPR (i.e. employees who need to know more about how GDPR works)

(3) Role-Based Training — training for specific roles in organizations, such as designing products and services for privacy or vendor management

Professor Solove’s knowledge of domestic and global privacy issues, including the often dynamic regulatory environments in Asia and Europe, is unmatched. Furthermore, his ability to take complex privacy issues and reduce them to simple, teachable concepts is exceptional. It is good to be working with the best in the privacy field!”

–Steve Worster, Chief Compliance Officer and HIPAA Privacy Officer, StoneGate Senior Living

General Workforce Privacy Awareness Training

For the general workforce, global privacy awareness training need not make employees experts on the GDPR.  Instead, the GDPR staff awareness training should focus more generally on privacy and data protection training for staff.  Training should teach employees what to do to protect personal data to respect people’s rights and fulfill the obligations of GDPR, including responsibilities, rights, and penalties. GDPR courses should also explain why protecting personal data is important.  The GDPR online training for employees courses below offer privacy awareness training that focuses on core principles of privacy.

Click here for our catalog.

Please Contact Us If You Are Interested In GDPR Training Online Courses

We can provide you with a complimentary login so you can evaluate the below programs and more.

First Name

Last Name



Please tell us about your training needs

Professor Solove’s newsletter covers his latest writings, events, and training. It is sent weekly.
You can unsubscribe at any time. Click to see a sample issue.
Would you be interested in subscribing?

Global Privacy and Data Protection

This course focuses on key concepts of privacy common across international jurisdictions as well as explains areas where approaches to privacy diverge.   The course is designed to satisfy EU General Data Protection Regulation training requirements but also to work for the US and other jurisdictions. There are 12-minute, 20-minute, 25-minute, and 30-minute versions of the course.

Global Privacy and Data Protection Feature Title 01a

Dimensions of Data Privacy

This data protection training course (~ 25 minutes) covers the same material as the Global Privacy and Data Protection course but with some additional content and in a different style. The course focuses on key concepts of privacy common across international jurisdictions as well as explains areas where approaches to privacy diverge. The course discusses why data protection and privacy are important, how to recognize personal data, and the various responsibilities that must be followed throughout the life cycle of personal data.

The Life Cycle of Personal Data

This privacy awareness training course (~ 15 minutes) is a highly-interactive overview of privacy responsibilities and protections regarding the collection, use, and sharing of personal data. The course tracks the life cycle of personal data, starting from when it is collected or created. The course concludes with a discussion of data retention and destruction.

Privacy Awareness Training: Lifecycle of Personal Data

Defining Personal Information 

Personal information is sometimes referred to as personally identifiable information (PII) or as personal data (the term used in the EU). Defining what personal information is — and being able to identify it — is essential for privacy awareness training because privacy laws and regulations are triggered if personal information is involved. Personal information can be a tricky concept because it is sometimes contingent and contextual. This PII training course (~ 8.5 minutes) is an overview of how to identify personal information. It explains clearly and understandably what personal information is and how to approach identifying it.

Privacy Training - Defining Personal Information

What is Personal Data?

This course (~ 5.5 minutes) provides a basic introduction to how to identify and define personal data or personally identifiable information (PII). The video discusses the distinction between ordinary PII and sensitive data. It also explains that identifying PII is important because it triggers privacy rights and obligations. The video concludes by discussing the importance of knowing the data you collect, receive, and transmit.


Privacy Principles

To protect personal information, it is important to follow the Fair Information Practice Principles (FIPPs). This short course (~4 minutes) focuses on what protecting people’s privacy entails. It provides an overview of the basic FIPPs and explains why they matter. The course offers concrete guidance to workforce members about how they should collect, use, store, and protect personally identifiable information (PII) or personal data.

Video Title Page Privacy Principles

GDPR Privacy Training Courses

The courses below are for employees who need to know more specific detail about GDPR and related topics.


This GDPR online training course (~7 minutes) provides a brief introduction to the GDPR for lay employees who need to know the basics. The course discusses the scope and applicability, the basic terminology of the law, the GDPR rights provided to persons in the EU, and the GDPR responsibilities an organization has in order to comply. The course explains the importance of GDPR compliance and discusses how it is enforced as well as the GDPR penalties, which include fines of up to 4% of total annual worldwide turnover.

GDPR Training - General Data Protection Regulation Awareness

GDPR Interactive Whiteboard

This program (~5 minutes) is an interactive whiteboard that succinctly summarizes the GDPR. It can readily be used on internal websites to raise awareness and teach basic information about GDPR. It can also be used in a learning management system.

GDPR Training - General Data Protection Regulation Awareness

Privacy Shield

This course (~7 minutes) provides a brief introduction to the EU-US Privacy Shield Framework that was adopted by the European Commission in 2016 and replaced the previous Safe Harbor agreement practices. It discusses the purpose and origin of Privacy Shield and the key Privacy Shield principles (Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, Recourse, Enforcement, and Liability). The course also emphasizes the importance of complying with Privacy Shield and explains the consequences for failing to do so.

Privacy Shield Training Course

European Union Privacy Law

This course (~7.5 minutes) provides a basic introduction to privacy law in the European Union. It discusses the main differences between EU privacy law and US privacy law. It has been recently updated to discuss key features and developments regarding the General Data Protection Regulation (GDPR).


Role-Based Training

Some individuals will require more specialized training about new responsibilities they will have under GDPR.  We offer courses for specific, role-based privacy training.

Privacy by Design

To effectively design for privacy, one must identify and assess the various privacy issues that might arise.  This course (~15 minutes) provides a framework to help people spot privacy issues and understand their implications. Professor Solove uses his well-known taxonomy of privacy to explain how to identify the various privacy issues that might arise with new products or services. This course will be helpful to engineers and designers of programs, software, websites, and other products or services that could implicate privacy. The course is also useful for the entire privacy compliance team. The course provides a roadmap and framework to help people spot privacy issues and understand their implications.

The Rude Refrigerator:  A Privacy by Design Story

This vignette (~4 minutes) demonstrates in a humorous way why it is essential to consider privacy issues when designing products and services. The video explains the types of issues that can arise and the importance of addressing them early on in the design process. This course will be helpful to emphasize privacy concerns to engineers and designers of programs, software, websites, and other products or services. It will also be useful for the entire privacy compliance team.

Privacy by Design Training

Vendor Management: Sharing Data with Third Parties

Under the GDPR, organizations can be liable if a third-party organization they contract with violates the privacy of an EU citizen.  This privacy training program covers vendor management issues when data is shared with third party vendors. In particular, the program discusses due diligence in selecting third party vendors and the types of data protections that should be included in the contract with the vendor.



Divider 02

About Professor Solove and TeachPrivacy

Daniel Solove Data Security TrainingThis resource page was written by Professor Daniel J. Solove.  Professor Solove is a law professor at George Washington University Law School and the leading expert on privacy and data security law. He has taught privacy law every year since 2000, has published 10 books and more than 50 articles, including the leading textbook on information privacy law and a short guidebook on the subject. His LinkedIn blog has more than 1 million followers. Click here for more information about Professor Solove.

TeachPrivacy provides privacy awareness training, security awareness training, phishing training, HIPAA training, FERPA training, PCI training, as well as training on many other privacy and security topics.  TeachPrivacy was founded by Professor Solove, who is deeply involved in the creation of all training programs because he believes that training works best when made by subject-matter experts and by people with extensive teaching experience.