International privacy law requires that organizations provide basic privacy and AI governance training to their employees, but attending a training isn’t the same thing as understanding privacy. If you’re struggling to develop creative and interesting educational privacy programs for your company, start with these tips:
1. Make privacy personal.
If engineers, marketers, HR professionals, and other teams care about their own privacy, they will be more intrinsically motivated to understand their impact on others’ privacy as well.
Security compliance professionals will recognize the strategy of revealing to training attendees how often their contact information was leaked in a data breach. Take it a step further by giving examples relevant to what is happening in your attendees’ lives.
Joanna Kennedy, Global Group Data Governance Officer at SAE-PRI and Data Privacy Hero Awards 2025 nominee, takes privacy training on the road to Employee Resource Groups (ERGs). By focusing presentations on the impact of privacy & AI for specific identity groups, she can grow deeply motivated privacy champions across teams. Employees who learn that racial or gender bias in an AI model could have an impact on their own lives are more interested in AI governance as a whole.
Craig Clark at Clark & Company Information Governance Services suggests focusing training on topical themes. If your training is scheduled during ‘back to school’ buzz, use examples related to children’s privacy – this can help a training feel timely and “hook” your audience.
Once you have your employees invested in their own privacy, you’re ready to teach them how they impact privacy in their own roles. It’s best to keep trainings small at a team-level so that you can get specific and tactical. Privacy training for a customer support manager should be different from privacy training for an IT manager or an executive.
2. Get interactive.
Privacy managers frequently use quizzes to confirm trainees have retained the information taught. Quizzes work best when they’re applied to departmental-specific examples. Quiz marketing on tracking rules, HR on algorithmic bias, product on data minimization, and so on. You can take it a step further by incorporating interactive components throughout your entire training.
At SAE-PRI, Joanna Kennedy launched a competition to get employees comfortable using AI in their daily work. At its best, compliance training should help employees feel free to innovate, with the confidence that they understand how to keep data safe. Joanna’s competition allowed employees to use any generative AI tool they wanted to write a poem about summer. The prompt was simple with no risk of inputting protected data where it shouldn’t be. Employees had fun using AI for artistic expression, and once they had basic experience using the tool, they were invested enough to learn how to adopt AI safely into their work.
A few ambitious teams have even created entire virtual escape rooms to teach privacy and cybersecurity concepts. You don’t need to start with anything so complex. Jamie Massaro at Spectro Cloud uses privacy policy scavenger hunts to keep training light and interesting. In this activity, participants must find the answers to basic questions within the company’s privacy policy.
3. Reward strong participation.
A reward can be as simple as a raffle entry, according to Kaushal Rao, a privacy integration manager for TikTok. When all else fails, a small extrinsic incentive can make the difference in training completion rates.
A reward could also be career differentiation. At SAE-PRI, Joanna Kennedy works with a cross-company data privacy council. Leadership recognizes that participation in the council should be formally recognized and built into the job descriptions of the participants. As an additional incentive, the company has invested in them by providing more comprehensive privacy training compared with the rest of the employees.
By recognizing privacy responsibility not just as a bullet on a job description but as participation on a council, Joanna recognizes the extra effort these employees put in and gives them an extra title to take with them on future career endeavors.
4. Don’t be afraid to get a little silly.
The stakes on privacy are serious, but privacy training doesn’t need a dour tone. In fact, integrating humor throughout your training can help make information stick.
At Spectro Cloud, Jamie Massaro ensures every quiz question has at least one goofy or nonsense answer. She explains, “We get so many compliments because we make all of our own training and add so many silly elements in. People look forward to seeing what unexpected thing they will find next. They really want to pick the wrong answers because they’re more entertaining!”
Steve Gentry at Cognate Cyber keeps training videos short, but doesn’t cut out the bloopers. Keeping things interesting, Joanna Kennedy from SAE-PRI has incorporated data privacy raps into training. Every laugh counts!
Final thoughts
Find and share more privacy training ideas in Privacy Basecamp, our Slack community of 1,000+ privacy professionals. This free resource includes a variety of regional and topical channels to help you find and share privacy best practices, alongside ongoing privacy news coverage, job listings, study groups, and more. See you there!
