The CPO should oversee mandatory privacy training program development and ensure that it addresses compliance with the Privacy Act, E-Government Act, other privacy-specific requirements and guidance, and organization policies, procedures, and penalties for violations. Annual training should cover safeguards for protecting personal information, and for reporting and responding to incidents involving the breach of PII. Organizations should track mandatory training through the use of registration sheets, signed acknowledgment forms, or online acknowledgments and periodic checks.
Functions of CPO in privacy training:
- Develop privacy training materials and other communications to increase employee understanding of company privacy policies, data handling practices and procedures and legal obligations.
- Oversee, direct, deliver or ensure delivery of initial privacy training and orientation to all employees, volunteers, contractors, alliances, business associates and other appropriate third parties.
- Conduct on-going privacy training and awareness activities.