After completing this course participant will be able to:
- Understand the application of the Personal Data Protection Act 2010 and its related offences as a result of non-compliance.
- To reorganize the practices and process at the respective work areas to support data protection in line with Personal Data Protection Act 2010
- Increase the data integrity and ensure business continuity without contamination and infringement.
- Develop principles and mechanism to detect and prevent unauthorized management and dissemination of Personal Data.
- To develop and execute a Risk Based Compliance Inspection Plan to protect personal data.
- To obtain ideas to implement PDPA requirements successfully at the workplace.
Who Must Attend
All high and mid-ranking personnel whose jobscope entails the management of personal data. These include:
• Chief Executive Officers.
• Chief Financial Officers.
• General Managers.
• Human Resource Managers.
• Compliance Officers.
• Marketing & Sales Managers.
• Business Entrepreneurs
• Legal Advisors.
Mid-ranking personnel include:
• IT Legal & Compliance
• Human Resources
• Customer service
• Internal Audit
• Sales & Marketing
• Accounting & Finance
Transparency of Data Handling and the Right To Be Forgotten
- Primary duties of Data User under Section 7 PDPA 2010
- Data User subject to Audit and Inspection
- Due Diligence and role of Data User
- Statutory duties of Data User under PDPA 2010
- When must Notice be given
- Elements for Notice S.7 Compliance – How to collect / Means of sources / Disclosure to Third parties and rights of Data Subject
- Channels of communication – Best practice
Module 3: Understanding S.8/ S.10, / S.11 / S.12
Issues and Implications of the Principle
- Disclosure Principle under Section 8 and guidelines on when you can refuse to disclose or partially disclose
- Guidelines and understanding the Retention Principle and how it relates to Employees and former employees;
- Guidelines on Disposal of Records as per Retention Principle - Reasons for destruction/Destruction Methods/documentation for disposal/Checklist
- Guidelines and understanding the Data Integrity Principle under S.11;
- S.11 possible offences committed by companies and understanding of incorrect, not accurate, not up-to date data and inaccuracy and the relation of rights of individuals under Section 12 to counter Section 11 offences.
- Access Principle under S.12 and guidelines on how and when to grant excess to access requests.
- Guideline on requestor access request
A discussion on how the principles will be used in the compliance system of the company.
Module 4: Section 9
Security Guidance and Privacy Impact Assessment
This module looks at what constitutes a Personal data security breach and how such breaches can occur. It also considers how to avoid breaches, and the practical steps that should be taken when a breach occurs.
Key aspects of this module include:
- Analysis of the Security Principle under Section 9 PDPA
- How security principle used in relation to Nature of Data / Location / Third Party Outsourcing / Measures
- Do’s and Don’ts of Data Security and Common Breaches as highlighted by MCMC / PDP office.
- Data Security Standard -Implementation and Compliance
- Assessing Risks and Impact
- Compliance with Inspection Requirements
- Commissioner and understanding powers under S.104 to S.109 PDPA 2010
- Powers of Investigations by PDP Officers
- Penalties for Obstruction and search / seizure of data
- Criminal Offences and Liabilities under the PDPA 2010
- Punishment for contravention of the Act
- Offences by body corporate
- Contravention of the personal data protection principles
- Processing of sensitive personal data in contravention to Section 40
- Unlawful collection or disclosure of personal data
- Personal Data Protection (Compounding of Offences) Regulations 2016
Compliance for The Personal Data Protection Standards 2015 [Mandatory]
- The Data Security Standard distinguishes between conventional and electronic data management and prescribes various security measures in relation to each.
- Data Retention Standard
- Data Storage Standards
- Data Integrity Standard
- Data Security Standard
[ Client/Participants encouraged to discuss their organisation compliance audit as part of this module]
Module 7-LATEST 2022 UPDATE:
- New General Code of Practice of Personal Data Protection Issued under the Personal Data Protection Act 2010
- Who needs to comply with the General COP?
- Key Provisions under the General COP
- Security Requirements
- a. Additional Requirements for Privacy Notices
- b. Minimum Clauses for Agreement with Data Processors
Compliance Framework - The General CoP 2022 expressly requires APPLICABLE Data Users to develop and implement a compliance framework with appropriate compliance policies and procedures to ensure compliance with the General CoP and the PDPA
- Clarification on Instances Where a Data User May Use Personal Data to Conduct Direct Marketing
- Penalty for Non-Compliance
- Commercial Contracts Drafting and Negotiation
- Review & Minimise Risk; Service Level Agreements (SLA)
- Effective Contract Negotiations
- Compliance Anti Bribery and Anti Corruption
- Debt Recovery & Legal Process
“I had limited knowledge one PDPA before attending this course. The training helped me to understand the process necessary to be put in place in the company. It’s driven me to re-read and further gain additional knowledge on PDPA.”– Hana Rabi, Media Prima CJ O Shopping Sdn. Bhd.
“This training taught me the practical side of PDPA and made me feel much more knowledgeable about the law. The trainer is very good and has a vast knowledge of PDPA. If there are any other programs on say public speaking, I’d be interested to attend those.”Nurul, Clinical Research Malaysia.
"After asking lots of questions during the workshop, I am more aware of my rights in giving out my pesonal data" KH, Chong, Eagleburgmann (M) Sdn Bhd
|Sign up 1 pax|
|Pay before course starts|
|MYR 2590.00 per pax|
|USD 760.00 per pax|
|Sign up 1 person|
|Pay 14 days before course starts|
|MYR 1990.00 per pax|
|Sign up 3 pax or more|
|Pay 14 days before course starts|
|MYR 1890.00 per pax|
|USD 550.00 per pax|