This 2 day PDPA training course enable delegates to understand the legal requirements of compliance that apply to key areas of their daily working lives. The training is tailor-made with a practical focus on answering the day-to-day questions which may arise in relation to the participant’s organisation handling of personal data and with trainer giving concrete examples.
The PDP Commissioner’s Office has further indicated the Commissioner’s intention to carry out inspections on data users that are not registered or not required to be registered under the PDPA, in order to ensure compliance with the general provisions of the PDPA as well as the minimum security, retention and data integrity standards set out under the Personal Data Protection Standards 2015.
In other words, the Commissioner is moving towards the enforcement phase of the PDPA, and will be closely monitoring all data users, whether registered or otherwise. This move has signaled that there will be more prosecutions from 2019 onwards especially with the proposed introduction of the Data Breach Notification in June 2019.
Companies ignoring the PDPA law will face stiff penalties under the Criminal Law with penalties ranging from RM100,000 to RM500,000 per offence and jail term.
This seminar is to educate on the legal and practical know-how that will be necessary to implement the law and for your compliance with the PDPA.
Who Must Attend
 Directors, Chief Executive Officers, Chief Financial Officers, General Managers, Human Resource Managers, Compliance Officers. Marketing & Sales Managers, Business Entrepreneurs, Legal Advisor.
Module 1:Personal Data Protection Challenges At the Workplace
Introducing PDPA 2010
Ten Challenges for PDPA in the Digital Economy
Personal Data as a Commodity
Personal Data and IoT
Personal Data and Cloud computing
Module 2:Transparency of Data Handling and the Right To Be Forgotten
Primary duties of Data User under Section 7 PDPA 2010
Data User subject to Audit and Inspection
Guidelines on understanding Purpose under Section 6 PDPA 2010.
Recognise when, and for what purpose staff / customer data may be used
Due Diligence and role of Data User
Statutory duties of Data User under PDPA 2010
Module 3: Issues and Implications of the Principle
Disclosure Principle and guidelines on when you can refuse to disclose or partially disclose;
Guidelines and understanding the Retention Principle and how it relates to Employees and former employees;
Guidelines and understanding the Data Integrity Principle
Access Principle and guidelines on how and when to grant excess to access requests.
A discussion on how the principles will be used in the compliance system of the company.
Module 4: Security Guidance and Privacy Impact Assessment
This module looks at what constitutes a Personal data security breach and how such breaches can occur. It also considers how to avoid breaches, and the practical steps that should be taken when a breach occurs.
Key aspects of this module include:
Analysis of the Security Principle under Section 9 PDPA
Data Security Standard -Implementation
Assessing Risks and Impact
Taking a holistic approach to data security – staff vetting and access and other important organisational measures that should be implemented
Module 5: Criminal Offences and Liabilities under the PDPA 2010
Punishment for contravention of the Act
Offences by body corporate
Contravention of the personal data protection principles
Processing of sensitive personal data in contravention to Section 40
Unlawful collection or disclosure of personal data
Personal Data Protection (Compounding of Offences) Regulations 2016
Day 2 – Implementing Compliance under the Standards 2015 & PDPA 2010 [Mandatory] @ the workplace & Latest Updates 2019
Module 6: A Risk Based PDPA Compliance
Untenable Data Support
Data Leak and Abuse
CASE STUDIES ON BREACH
Compliance for Section 6
Samples on Purposes for Section 6 and Guideline on how to draft the Purpose clause in documents
Effect of Personal Data Protections Regulations 2013
Drafting consent clause for marketing of products
Sample clauses for withdrawal of consent
Drafting caution into letters.
Compliance for Section 7
Discussion on Drafting the Consent Notice for various categories of Business sectors
Discussion on Drafting Consent Notice for Application forms/ Interview forms/ Confidentiality clauses on consent
Drafting the Notice and understanding how to draft the purpose clause in the Notice
Guidelines on different categories of Notices
Module 7: Compliance for The Personal Data Protection Standards 2015 [Mandatory]
The Data Security Standard distinguishes between conventional and electronic data management and prescribes various security measures in relation to each.
Data Retention Standard focuses
Data Storage Standards
Data Integrity Standard
Data Security Standard
Module 8: Data Governance Strategies
Building awareness for all staff
Organisational and Operational measures
Documentation and Audit
Module 9: Updates 2019 – Proposed law to be introduced Data Breach Notification
Details of the Data Breach
Containment or Control measures
Containing the Breach – Steps to take
Format provided for DBN
LL.B (Hons) London, CLP (Malaysia), TESOL (Canada)
- Legal Experience includes civil litigation like employment matters , company ,corporate and banking issues.
- Conducted seminars for Employment law including on mock Industrial hearings of Domestic Inquiries and the Personal Data Protection Act 2010 which includes follow up legal advice for Pro-tem comittees on PDP implementation and drafting of Consent letters as required under the Act.
- Trained for the Federation of Manufacturers of Malaysia (FMM).
- Involved in advise and drafting of Human Resource policy and procedures. Also in the drafting of legal letters and advice of legislation pertaining to proper administration of Human Resource issues.
- Some of the in-house and public programs include those from, NIAM (Persatuan Insuran Kebangsaan Malaysia), Honda, Petronas Fertilizer (Kedah), Suruhanjaya Syarikat Malaysia, Sime Darby, Malaysia Multimedia Commission, Penang Bridge Sdn Bhd., Solectron, Bax Global, TM, Yan Jin (M), Cititel Penang, Evergreen Laurel Hotel, Government Teachers in various schools, Smart Modular, Kwong Wah Yit Poh Press Berhad, Vitrox Technologies, Staff of UITM, Bank Negara, Dimerco Sdn.Bhd, G-Pile Sistem Sdn.Bhd., Masterskill (M) Sdn.Bhd, Subalipack (M) Sdn.Bhd, Mitsubishi Motors Malaysia Sdn.Bhd, Sumitomo Metals Sdn Bhd, Lembaga Koko, MARA and other government agencies and many more.
In summary, Ambigah
- When not conducting training programs, Ambigah Krishnan tends to her legal consultation especially in the corporate field.
- Legal programs enhanced with Legal Practitioner’s advice and opinions. Imparting experience as Legal advisor and Litigation lawyer to be part of teaching of legal programs.
- Able to combine the elements taught in a specific program both soft skills and Legal with real life requirements for those on the job.
To contact Ms Ambigah for any speaking, training and consultancy engagements, :
please contact us at +603 8074 9056 | Mobile +6012 6869 628 | +6018 2735 123 or email: info@iTrainingExpert.com
“I had limited knowledge one PDPA before attending this course. The training helped me to understand the process necessary to be put in place in the company. It’s driven me to re-read and further gain additional knowledge on PDPA.”– Hana Rabi, Media Prima CJ O Shopping Sdn. Bhd.
“This training taught me the practical side of PDPA and made me feel much more knowledgeable about the law. The trainer is very good and has a vast knowledge of PDPA. If there are any other programs on say public speaking, I’d be interested to attend those.”Nurul, Clinical Research Malaysia.
"After asking lots of questions during the workshop, I am more aware of my rights in giving out my pesonal data" KH, Chong, Eagleburgmann (M) Sdn Bhd
|Sign up 1 pax|
|Pay before course starts|
|Sign up 1 person|
|Pay 14 days before course starts|
|Sign up 3 pax or more|
|Pay 14 days before course starts|
(Fee inclusive of Buffet Lunch, Refreshment, Welcome Pack, Training Materials & Certificate of Achievement)
1. ONLINE PAYMENT by Credit card: You can opt to register and pay online with our latest payment integration system through our website.
2. BANK IN CHEQUE
Bank in and then scan the Bank-in slip and email to us before the course commence to confirm your seat.
Courier your cheque payment to our Finance HQ.
* Note that we DO NOT take any payments during the event.
3. BANK IN CASH: You can also pay by cash through bank-in our company bank account.
4. Telegraphic Transfer- You can also opt to use GIRO or telegraphic transfer of payment via international banks.
ITRAININGEXPERT GLOBAL PLT
Tel:+603 8074 9056 | +603 8082 3707
Mobile: +6012 6869 628 | +6018 2175 123