YB Dato' Sri Ahmad Shabery bin Cheek, Minister of Communications and Multimedia, has made announcement that the Personal Data Protection Act 2010 ("PDPA") comes into operation on 15 November 2013. With PDPA coming into force, data users will have a three-month transitional period to comply with its provisions in respect of existing personal data being processed, but will have to immediately comply with its provisions in respect of new personal data collected.
The penalties for breaching the PDPA include the imposition of fines of up to RM500,000 and/or a term of imprisonment not exceeding two years. Directors, CEOs, COOS, managers or other similar officers have joint and several liability for non-compliance by the body corporate, subject to the due diligence defence.
Will this affect me?
Both the public and private agencies who process their customers' personal data will need to reevaluate their current data privacy policies, processes and personal data management. Indiviuals will now have a new set of mandated rights, whereby they need to be informed about their personal data as well as the rights to access, correct and also to control the procession of the personal date by other parties.
Does this apply to my company?
This act is applicable to Malaysian companies that process personal data. Non-Malaysian companies who use equipment in Malaysia to process personal data is also subject to the PDPA. For non Malaysian companies, a designated Malaysian representative is required in this case.
This training is specially crafted for those who need to know more about personal data protection and who has contact with personal data on a regular basis.
There are some new regulations coming into Malaysia as of 25th May 2018. These regulations are known as the EU GDPR. The full name is European Union General Data Protection Regulation 2016 and malaysian companies dealng with EU data or storing their HR data in their EU parent company are bound by these regulations. This update will be given during the training.
This seminar is to educate on the legal and practical know-how that will be necessary to your compliance with the PDPA.
By the end of the training, delegates will be able to:
understand, implement and ensure compliance to the PDPA
Who Must Attend
 Directors, Chief Executive Officers, Chief Financial Officers, General Managers, Human Resource Managers, Compliance Officers. Marketing & Sales Managers, Business Entrepreneurs, Legal Advisor
- Appreciate who and what is covered by Personal Data Protection rules
- Understand the organisation’s policy and aims on personal data use
- Overview of the Act
- Know and apply the core principles for personal data use
- Punishment for contravention of the Act
- Offences by body corporate
- Contravention of the personal data protection principles
- Processing of sensitive personal data in contravention to Section 40
- Unlawful collection or disclosure of personal data
- When do you need to seek the consent of data subjects?
- How do you seek consent and exemptions to consent
- Channels of serving Notice to employees, contractors, supplies, vendors and visitors
- Guidelines on Consent
- Recognise when, and for what purpose staff / customer data may be used
- Questions to ask when collecting Data.
- What do companies need to do in order to comply?
- When do companies need to fully comply?
- Understanding applications to Employment Relationships
- Understanding how the Employment Act 1955 affects Personal Data
- How do companies set up an effective compliance framework?
- Guidelines on understanding Purpose under Section 6 PDPA 2010.
- Disclosure Principle and guidelines on when you can refuse to disclose or partially disclose;
- Retention Principle in relation to Employees and former employees;
- Data Integrity Principle
- Access Principle
- Activities relating to each Principle will be done.
- Benefits and challenges in being PDPA complaint
- Understanding the implementation of PDPA and the stages of Employment that is Pre/Beginning/During and End of Employment.
- Potential privacy related risks to organisations
- Case study on personal data issues and impacts
- The Data Security Standard distinguishes between conventional and electronic data management and prescribes various security measures in relation to each.
- Data Retention Standard focuses
- Data Storage Standards
- Data Integrity Standard
- Data Security Standard
- Ensuring that the recruitment and selection process meets legal requirements, including the content of application forms, pre-employment vetting, criminal records, medical checks and the interview process
- Retaining staff records, and appropriate periods of time for keeping information
- Dealing with staff information requests – what must be disclosed and can be withheld
- Disclosing staff information to outside third parties –the legal requirements that must be met before staff information can be sent outside the organisation
- References and the rights of ex-members of staff
- Monitoring staff activities and communication including using Managers, CCTV cameras and website technologies
- Outsourcing functions to third party providers
- Analysis of the Security Principle under Section 9 PDPA
- Managing Information security
- Data Security Standard -Implementation
- Understanding risks to Personal Information
- Taking a holistic approach to data security – staff vetting and access and other important organisational measures that should be implemented
- Knowing what to do in the event of a data protection breach
LL.B (Hons) London, CLP (Malaysia), TESOL (Canada)
- Trained and lectured for private companies and government entities. Participants made up of managers, CEOs, CFOs, corporate and government support staff and executives.
- Legal Experience includes civil litigation like employment matters , company ,corporate and banking issues.
- Conducted seminars for Employment law including on mock Industrial hearings of Domestic Inquiries and the Personal Data Protection Act 2010 which includes follow up legal advice for Pro-tem comittees on PDP implementation and drafting of Consent letters as required under the Act.
- Trained for the Federation of Manufacturers of Malaysia (FMM).
- Involved in advise and drafting of Human Resource policy and procedures. Also in the drafting of legal letters and advice of legislation pertaining to proper administration of Human Resource issues.
Some of the in-house and public programs include those from, NIAM (Persatuan Insuran Kebangsaan Malaysia), Honda, Petronas Fertilizer (Kedah), Suruhanjaya Syarikat Malaysia, Sime Darby, Malaysia Multimedia Commission, Penang Bridge Sdn Bhd., Solectron, Bax Global, TM, Yan Jin (M), Cititel Penang, Evergreen Laurel Hotel, Government Teachers in various schools, Smart Modular, Kwong Wah Yit Poh Press Berhad, Vitrox Technologies, Staff of UITM, Bank Negara, Dimerco Sdn.Bhd, G-Pile Sistem Sdn.Bhd., Masterskill (M) Sdn.Bhd, Subalipack (M) Sdn.Bhd, Mitsubishi Motors Malaysia Sdn.Bhd, Sumitomo Metals Sdn Bhd, Lembaga Koko, MARA and other government agencies and many more.
- When not conducting training programs, Ambigah tends to her legal consultation especially in the corporate field.
- Legal programs enhanced with Legal Practitioner’s advice and opinions. Imparting experience as Legal advisor and Litigation lawyer to be part of teaching of legal programs.
- Able to combine the elements taught in a specific program both soft skills and Legal with real life requirements for those on the job
“I had limited knowledge one PDPA before attending this course. The training helped me to understand the process necessary to be put in place in the company. It’s driven me to re-read and further gain additional knowledge on PDPA.”– Hana Rabi, Media Prima CJ O Shopping Sdn. Bhd.
“This training taught me the practical side of PDPA and made me feel much more knowledgeable about the law. The trainer is very good and has a vast knowledge of PDPA. If there are any other programs on say public speaking, I’d be interested to attend those.”Nurul, Clinical Research Malaysia."It has been an interesting sessions where the workshop has significantly increased my awareness on Personal Data act and its implications," S. Ryder, CEO, Eagleburgmann (M) Sdn Bhd
"After asking lots of questions during the workshop, I am more aware of my rights in giving out my pesonal data" KH, Chong, Eagleburgmann (M) Sdn Bhd
|Sign up 1 pax|
|Pay before course starts|
|Sign up 1 person|
|Pay 14 days before course starts|
|Sign up 3 pax or more|
|Pay 14 days before course starts|
(Fee inclusive of GST, Buffet Lunch, Refreshment, Welcome Pack, Training Materials Certificate of Achievement)
1. ONLINE PAYMENT by Credit card: You can opt to register and pay online with our latest payment integration system through our website.
2. BANK IN CHEQUE
Bank in and then scan the Bank-in slip and email to us before the course commence to confirm your seat.
Courier your cheque payment to our Finance HQ.
*Note that we DO NOT take any payments during the event.
3. BANK IN CASH: You can also pay by cash through bank-in our company bank account.
4. Telegraphic Transfer- You can also opt to use GIRO or telegraphic transfer of payment via international banks.