As part of the Masters programme at UL, there is a requirement complete a dissertation or content development project. This is a heavy-duty piece of work and accounts for one third on the Masters programme. So, no pressure then! I am very much in the content development end of this Masters and had lots of fun last year developing a learning object which was a guide to voting in the Irish proportional representation single transferable vote (PR-STV) system.
For this project, I’m at the proposal stage and it is a stop-start process, with a lot of thinking and not much output just yet. My plan is to develop an e-learning course which will be an Introduction to Data Protection. I have just received ethics approval for the course from the University. This in itself was a process that gave me an insight into data protection principles as I had to set out how I planned to use, store and delete data collected through surveys and interviews. I also had to clarify how I would get informed consent from participants.
I think a course in data protection will be a timely and relevant topic for several reasons:
- First, there are low levels of comfort around data protection and whether organisations are adequately set up to handle data protection issues. For example, in a survey by the Irish Computer Society (Jan 2017) just half of those responsible for data protection believe they have received the correct level of training and 61% of organisations had a data breach in 2016. While the number of data breaches caused by hackers is on the rise, more than half of the breaches reported were caused by staff misplacing records. This suggests that for many organisations there is limited knowledge of the requirements of data protection under the law.
- Second, at a European level, significant changes to data protection have been passed and will come into effect in all EU countries in May 2018. The General Data Protection Regulation (GDPR) will come into force on the 25th May 2018, replacing the existing data protection framework under the EU Data Protection Directive.
- Finally, getting data protection right will be fundamental to the growth of the digital economy and for organisations that do it correctly, it will increasingly be a way to compete.
In thinking about the audience needs, my starting point initially was a bit like motherhood and apple pie – “……well everyone needs more training in data protection…”. I quickly realised however that this type of vague thinking was a trap and a direct path to a broadly based, unfocused and ultimately not very useful piece of e-learning. So, I have narrowed my approach significantly and I am planning to focus the course on the data protection learning requirements of schools in Ireland.
I have started evaluating the need using Cathy Moore’s Action Mapping Framework. I think that this approach is a helpful way of identifying and mapping what will be relevant for the course and what is not necessary. It will also allow me to identify content that is relevant but perhaps would be better as a job aid rather than (or in addition to) e-learning content.
My next steps in the needs analysis are to survey learners and meet some SME’s (subject matter experts) and that is what I will be working in over the next two weeks.