Regulatory compliance may be mandatory for most businesses, but it’s not mandatory to make compliance training long, dull or ineffective to bring about change. Change, you say? Absolutely. Compliance is about reducing real threats to businesses and people.
Safety incidents, bribery fines and cyber-attacks are not to be sniffed at; they have very real consequences. They are also mostly the result of human error – and not just one-time incidents, but everyday bad habits. So, when it comes to compliance training, the key is to help people form new behaviors. Here’s how.
Pain, no gain
Throwing a compliance manual at someone is going to hurt, even in a fancy interactive format. We know that lots of content does not equal lots of (or any) learning.
Plus, if we get real about compliance, we’re really talking about changing employees’ individual habits. We want to move them away from actions that expose them and the business to risk, to actions that don’t (we write about why that’s hard and what you can do about it, here).
Mostly, incidents or near-misses come from (small) human errors.
Why looking at the cause of incidents makes sense
According to the Information Commissioner’s Office in the UK, the top causes for data security incidents are really simple. Sending emails to the wrong participants or forgetting to use BCC rather than CC are two top examples. They also cite cyber security incidents as a key way data is lost – which again comes down to human errors, such as clicking on a dodgy link.
Think about it:
- Do people need to know every inch of the Data Protection Act to stop them from leaving their briefcase on a train?
- Will taking a quiz on compliance laws help them stop sending emails to the wrong person?
Probably not. At least, not a month down the line, once the training has been forgotten.
Instead, it makes sense to focus on the causes of incidents and near misses (the why), then hone your learning design in on activities, experience and interventions likely to change those specific behaviors. In other words, take a leaf out of Cathy Moore’s action-mapping book.
Taking this approach will give your compliance learning design some oomph. Next, you’ll need to look at a way to sustain the change in behavior over time, because it doesn’t happen overnight. There’s some great ideas for building campaigns for change over on the Kineo site.
A look at our data protection demo
Our data protection demo provides simple ideas to help you focus your compliance training on errors and behavior change.
Topic 1. Prick people’s conscience
We create a series of seemingly simple polling questions around what we call “easy mistakes.” Focusing on the 5 real top errors, we ask learners to judge just how bad these “easy mistakes” might be.
Feedback for each question doesn’t judge how they answer, but drops in a stat and a real-life story about just how bad that simple error has been for someone.
Using real cases taken from the ICO website, we share stories of individuals, not businesses, who have drummed up huge fines with simple errors.
Using the power of social
Using Elucidat’s social polling capabilities, we then share how other learners answered the same question.
It seems that most people thought this kind of error was a lot more serious than I did…maybe I should rethink?
Having raised learners’ awareness of the errors they may be guilty of, and the risk they themselves are open to, they can then get some action-focused tips. They can pick the errors they most need to focus on.
Follow up with some further campaign-like materials, such as email reminders, more tips, updates on cases and stats around improvements made within the department. You’ll start to make real inroads to changing behaviors.
The key is to personalize the campaign material around the errors individuals have said they need to watch for, and help them get there through incentivization and practical tips.
Topic 2: Give it a whirl
The second topic in the demo shows how to use scenarios to make sure that learners really get how to use the right data, at the right time. Rather than making them swallow the data protection laws in entirety…
Make it memorable
We boil it down to a (slightly rude, but memory-friendly) mnemonic:
Learners can select each letter for a succinct guideline on when and how to keep and share data (Purpose, Relevant, Accurate and Time). With this in mind, they can get stuck into some realistic data usage scenarios.
Build confidence and competence
Without sounding like my piano teacher, practice does make perfect. It helps embed new learning, especially when we make mistakes and are stretched and challenged over time (spaced practice).
Scored as they go, 20 points for correct first attempts and 10 for correct second attempts, learners are given pointers in the feedback and then a final score.
Bring in a healthy sense of competition
Feed this into a leaderboard on your LMS or portal, and you’ve got a healthy sense of competition on the go.
Then roll out another, harder, challenge later. And then another. Build up change incrementally; don’t just expect it to build itself.
Spread it, everywhere, like Jackson Pollock
You can see we offer up a job aid: to download the (rudely named) PRAT guide. After all, people will forget your learning content – so give it to them to use when they need it (they can also revisit the mobile-friendly PRAT content for a refresher anytime).
Now, you may not go for a PRAT guide, per se. Whatever you call it, you can splat it around on intranet banners, email footers, posters and more to make it a living philosophy that over time becomes a new norm.
While they may seem cheesy, catch-phrases, mnemonics, visual characters, quotes, symbols and more are all tried and tested ways to seed ideas and new ways of thinking into people’s minds. Hence our nod to the idea of campaigns.
Have you got some great digital compliance training that kicks content-overload to the corner? Have you used digital strategies to bring about real change? We’d love to see it: Click here to submit your project Elearning Superstars
Or, if you’d like some help getting your compliance training modules a cut above your competitors’ or really working for your business – get in touch with our academy team.