Tailored PDPA Training To Suit Your Business
Customized
1 Days / 8 Hours
Andy Prakash
Client Office / Training Venue
650 SGD
Bank TT, Cheque, Credit Card
Menu
What’s In It For Me
- You will gain an overview and understanding of the 9 core PDPA obligations
- Learn on the legislative and regulatory requirements of PDPA
- Learn how to identify existing PDPA non-compliance at the workplace
- Regardless of which industry your organization is in, our training is crafted to meet your specific organizational needs
Overview
The course will provide you with a good overview and understanding of the PDPA and how it may be applied to the organisations for compliance. Areas covered in the training include key legislative and regulatory requirements of PDPA and how you can help ensure compliance and alignment with PDPA, as well as immediate implementable cyber hygiene practices at the workplace.
The course will be conducted using lecture slides, pop quizzes, case studies and a throughout review of a pre-training workplace audit. You will be awarded a Certificate of Completion upon successful course completion and PDPC’s corporate e-learning assessment.
Course objectives:
- Competent employees with fundamental understanding of the 9 obligations & DNC provisions
- On-site training for hands-on approach instead of traditional classroom based
- Ability to review existing policies & processes for compliance
- Implementation of course knowledge and cyber hygiene practices in daily operations
- Learn how to Develop & Map out the organization’s Data Processing Inventory Mapping (DPIM)
- PDPA compliance for employee awareness and training requirement
Who Should Attend
The suitable students for this programme are likely to be:
- Compliance Managers or Data Protection Officers (DPOs)
- Human Resource, Admin, IT personnel, Sales and Business Development Executive / Managers who need to be involved in data protection matters
Course Breakdown
- What is PDPA
- Who needs to comply
- Collection of NRIC
- How Data Protection Provisions Apply
- Data Controller
- Data Intermediary
- Data Owner
- Information Lifecycle
- Data Protection Officer
- Policy, People, Processes
- Valid Consent
- Deemed Consent
- Right to Withdrawal
- Exemptions
- Publicly Available Data
- Purpose Limitation Obligation
- Notification Obligation
- Enforcement Case Study
- Accuracy Obligation
- Protection Obligation
- Administrative Measures
- Physical Measures
- Technical Measures
- Enforcement Case Study
- Retention Limitation Obligation
- Ceasing to Retain Personal Data
- Enforcement Case Study
- Transfer Limitation Obligation
- Requirements for Transfer of Data Overseas
- Enforcement Case Study
- Access Obligation
- Processing a Access Request
- When Not to Provide Access
- Correction Obligation
- When Not to Provide Correction
- Formalizing a Process
- Accountability Obligation
- DPO Role & Responsibilities
- Registering your DPO with PDPC
- Enforcement Case Study
- Do Not Call Provisions
- Specific Message
- Clear & Unambiguous Consent
- Do Not Call Registry
- Checking the DNC Registry
- Sender of Specified Message
- Requirements When Sending a Specified Message
- Exemption Order in Brief
- Enforcement Case Study
- How Data Can Be Compromised
- Measures
- Access Controls
- Devices
- Networks
- Websites
- Why Secured Disposal is Important
- Disposing Electronic Data
- Securely Disposing Electronic Data
- Securely Disposing Physical Copies of Data
- Live Hacking Demonstration
- Malicious Downloads
- Recommended Browser Settings
- 10 Fundamental Cyber Hygiene Practices
- Dangers of “Free” Wifi Hotspots
- Useful Links
- PDPA Assessment Tool for Organisations (PATO)
- Self Assessment Report
- Highlighting Potential Gaps
- Recommendations & Action Plan
- Data Protection Notice Generator
- Generating Data Protection Notices
- Data Inventory Map
- Data Flow Diagram
- Pros & Con
- A.R.E
- Contain
- Assess
- Report
- Evaluate
- Notifying Relevant Stakeholders
- Introduction
- When to conduct a DPIA
- Stakeholders
- DPIA Lifecycle
- Access
- Planning
- Identify Personal Data & Flows
- Risk Assessment Framework
- Create an Action Plan
- Monitor Outcomes
- Sample DPIA Questionnaire
- What is a DPMP
- Policy
- People
- Process
- Maintenance
- Course Assessment
Trainer Profile
Andy Prakash
Andy Prakash co-founded AntiHACK.me, Singapore’s first bug bounty platform, working with the top community of white hat hackers to identify and report vulnerabilities in businesses’ websites, mobile applications and systems.
As the Chief Information Officer, he has given speeches and conducted masterclasses for ACE startups, co-working spaces, Echelon by e27 (2019), Chamber of Commerce and even Interpol 2019.
Seeing a lapse in the Data Protection industry, he started Privacy Ninja, providing PDPA Consultancy, training, audit and Outsourced DPO services. He is the designated Data Protection Officer for numerous companies in Singapore and handles Data Protection matters on a day to day basis.
Andy is the the outsourced DPO for ongoing notable clients like Marina Bay Holdings Group, Adam Khoo Learning Technologies, Curtin University, GrandBanks and more.
He has also been featured on numerous media outlets like Channel News Asia, Channel 8 and Berita Harian, on data privacy, cyber security and its various associated topics.
