This data security basics toolbox talk template from Health & Safety Zone offers a concise, SEO‑optimised guide for non‑IT staff to understand and manage data protection risks. It outlines common hazards such as phishing email attacks, lost or stolen laptops, weak password practices, unsecured removable media, outdated software and accidental data exposure through insecure cloud sharing. For each hazard the talk provides step‑by‑step controls that satisfy the UK GDPR, the Data Protection Act 2018, the Computer Misuse Act 1990, the NIS Regulations 2018 and BS EN ISO 27001. The template is ideal for offices, retail outlets, public‑sector organisations, security‑focused teams and any workplace that must demonstrate compliance with Cyber Essentials and UK data protection legislation. Fully editable – simply insert your company name, tailor the examples to site‑specific risks and share the talk with all employees. Compliant with: UK GDPR security principle (Article 32), Data Protection Act 2018, Computer Misuse Act 1990, Section 1, NIS Regulations 2018, and UK GDPR Article 32. It can be incorporated into regular safety briefings, induction programmes and audit preparations, ensuring consistent messaging across the organisation and improves compliance. Use this resource to build a strong data security culture, meet regulatory requirements and minimise the financial and reputational impact of data breaches.