PDPA Consultancy & Training


Tailored PDPA Training To Suit Your Business

PDPA Course

What’s In It For Me

  • You will gain an overview and understanding of the 9 core PDPA obligations
  • Learn on the legislative and regulatory requirements of PDPA
  • Learn how to identify existing PDPA non-compliance at the workplace
  • Regardless of which industry your organization is in, our training is crafted to meet your specific organizational needs

Course Overview
The course will provide you with a good overview and understanding of the PDPA and how it may be applied to the organisations for compliance. Areas covered in the training include key legislative and regulatory requirements of PDPA and how you can help ensure compliance and alignment with PDPA, as well as immediate implementable cyber hygiene practices at the workplace.

The course will be conducted using lecture slides, pop quizzes, case studies and a throughout review of a pre-training workplace audit. You will be awarded a Certificate of Completion upon successful course completion and PDPC’s corporate e-learning assessment.

Who Should Attend
The suitable students for this programme are likely to be:

  • Compliance Managers or Data Protection Officers (DPOs)
  • Human Resource, Admin, IT personnel, Sales and Business Development Executive / Managers who need to be involved in data protection matters

Course Objectives

  • Competent employees with fundamental understanding of the 9 obligations & DNC provisions
  • On-site training for hands-on approach instead of traditional classroom based
  • Ability to review existing policies & processes for compliance
  • Implementation of course knowledge and cyber hygiene practices in daily operations
  • Learn how to Develop & Map out the organization’s Data Processing Inventory Mapping (DPIM)
  • PDPA compliance for employee awareness and training requirement

    Course Breakdown (Click on each module to expand topic coverage)

    • What is PDPA
    • Who needs to comply
    • Collection of NRIC
    • How Data Protection Provisions Apply
    • Data Controller
    • Data Intermediary
    • Data Owner
    • Information Lifecycle
    • Data Protection Officer
    • Policy, People, Processes
    • Valid Consent
    • Deemed Consent
    • Right to Withdrawal
    • Exemptions
    • Publicly Available Data
    • Purpose Limitation Obligation
    • Notification Obligation
    • Enforcement Case Study
    • Accuracy Obligation
    • Protection Obligation
    • Administrative Measures
    • Physical Measures
    • Technical Measures
    • Enforcement Case Study  
    • Retention Limitation Obligation
    • Ceasing to Retain Personal Data
    • Enforcement Case Study    
    • Transfer Limitation Obligation
    • Requirements for Transfer of Data Overseas
    • Enforcement Case Study      
    • Access Obligation
    • Processing a Access Request
    • When Not to Provide Access
    • Correction Obligation 
    • When Not to Provide Correction
    • Formalizing a Process  
    • Accountability Obligation
    • DPO Role & Responsibilities
    • Registering your DPO with PDPC
    • Enforcement Case Study      
    • Do Not Call Provisions
    • Specific Message
    • Clear & Unambiguous Consent
    • Do Not Call Registry
    • Checking the DNC Registry
    • Sender of Specified Message
    • Requirements When Sending a Specified Message
    • Exemption Order in Brief
    • Enforcement Case Study      
    • How Data Can Be Compromised
    • Measures
    • Access Controls
    • Devices
    • Networks
    • Websites
    • Why Secured Disposal is Important
    • Disposing Electronic Data
    • Securely Disposing Electronic Data
    • Securely Disposing Physical Copies of Data
    • Live Hacking Demonstration
    • Malicious Downloads
    • Recommended Browser Settings
    • 10 Fundamental Cyber Hygiene Practices
    • Dangers of “Free” Wifi Hotspots
    • Useful Links
    • PDPA Assessment Tool for Organisations (PATO)
    • Self Assessment Report
    • Highlighting Potential Gaps
    • Recommendations & Action Plan
    • Data Protection Notice Generator
    • Generating Data Protection Notices
    • Data Inventory Map 
    • Data Flow Diagram
    • Pros & Cons
    • A.R.E
    • Contain
    • Assess
    • Report
    • Evaluate
    • Notifying Relevant Stakeholders
    • Introduction
    • When to conduct a DPIA
    • Stakeholders
    • DPIA Lifecycle
    • Access
    • Planning
    • Identify Personal Data & Flows
    • Risk Assessment Framework
    • Create an Action Plan
    • Monitor Outcomes
    • Sample DPIA Questionnaire
    • What is a DPMP
    • Policy
    • People
    • Process
    • Maintenance 

    Trainer Profile

    Andy Prakash co-founded AntiHACK.me, Singapore’s first bug bounty platform, working with the top community of white hat hackers to identify and report vulnerabilities in businesses’ websites, mobile applications and systems.

    As the Chief Information Officer, he has given speeches and conducted masterclasses for ACE startups, co-working spaces, Echelon by e27 (2019), Chamber of Commerce and even Interpol 2019.

    He has since exited the cybersecurity startup for an undisclosed sum and now focuses on Data Privacy Consultancy and PDPA training. He is the designated DPO for numerous companies in Singapore and handles Data Privacy matters on a day to day basis. 

    He has also been featured on numerous media outlets like Channel News Asia, Channel 8 and Berita Harian, on cyber security and its various associated topics.







    PDPA Course
    PDPA Course
    PDPA Course
    PDPA Course
    PDPA Course
    PDPA Course

    Contact our sales team

    Drop us your details and our sales Ninjas will get in touch in 24 hours


    Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

    Personal Data Protection


    We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
    × How can we help you?