Privacy Ninja

Tailored PDPA Training To Suit Your Business


1 Days / 8 Hours

Andy Prakash

Client Office / Training Venue

650 SGD

Bank TT, Cheque, Credit Card

What’s In It For Me

  • You will gain an overview and understanding of the 9 core PDPA obligations
  • Learn on the legislative and regulatory requirements of PDPA
  • Learn how to identify existing PDPA non-compliance at the workplace
  • Regardless of which industry your organization is in, our training is crafted to meet your specific organizational needs


This tailored PDPA consultancy training course will provide you with a good overview and understanding of the PDPA and how it may be applied to the organisations for compliance. Areas covered in the training include key legislative and regulatory requirements of PDPA and how you can help ensure compliance and alignment with PDPA, as well as immediate implementable cyber hygiene practices at the workplace.

The course will be conducted using lecture slides, pop quizzes, case studies and a throughout review of a pre-training workplace audit. You will be awarded a Certificate of Completion upon successful course completion and PDPC’s corporate e-learning assessment.

Course objectives:

Who Should Attend

The suitable students for this programme are likely to be:

  • Compliance Managers or Data Protection Officers (DPOs)
  • Human Resource, Admin, IT personnel, Sales and Business Development Executive / Managers who need to be involved in data protection matters

Course Breakdown

  • What is PDPA
  • Who needs to comply
  • Collection of NRIC
  • How Data Protection Provisions Apply
  • Data Controller
  • Data Intermediary
  • Data Owner
  • Information Lifecycle
  • Data Protection Officer
  • Policy, People, Processes
  • Valid Consent
  • Deemed Consent
  • Right to Withdrawal
  • Exemptions
  • Publicly Available Data
  • Purpose Limitation Obligation
  • Notification Obligation
  • Enforcement Case Study
  • Accuracy Obligation
  • Protection Obligation
  • Administrative Measures
  • Physical Measures
  • Technical Measures
  • Enforcement Case Study  
  • Retention Limitation Obligation
  • Ceasing to Retain Personal Data
  • Enforcement Case Study    
  • Transfer Limitation Obligation
  • Requirements for Transfer of Data Overseas
  • Enforcement Case Study      
  • Access Obligation
  • Processing a Access Request
  • When Not to Provide Access
  • Correction Obligation 
  • When Not to Provide Correction
  • Formalizing a Process  
  • Accountability Obligation
  • DPO Role & Responsibilities
  • Registering your DPO with PDPC
  • Enforcement Case Study      
  • Do Not Call Provisions
  • Specific Message
  • Clear & Unambiguous Consent
  • Do Not Call Registry
  • Checking the DNC Registry
  • Sender of Specified Message
  • Requirements When Sending a Specified Message
  • Exemption Order in Brief
  • Enforcement Case Study     
  • How Data Can Be Compromised
  • Measures
  • Access Controls
  • Devices
  • Networks
  • Websites
  • Why Secured Disposal is Important
  • Disposing Electronic Data
  • Securely Disposing Electronic Data
  • Securely Disposing Physical Copies of Data
  • Live Hacking Demonstration
  • Malicious Downloads
  • Recommended Browser Settings
  • 10 Fundamental Cyber Hygiene Practices
  • Dangers of “Free” Wifi Hotspots
  • Useful Links
  • PDPA Assessment Tool for Organisations (PATO)
  • Self Assessment Report
  • Highlighting Potential Gaps
  • Recommendations & Action Plan
  • Data Protection Notice Generator
  • Generating Data Protection Notices
  • Data Inventory Map 
  • Data Flow Diagram
  • Pros & Con
  • A.R.E
  • Contain
  • Assess
  • Report
  • Evaluate
  • Notifying Relevant Stakeholders
  • Introduction
  • When to conduct a DPIA
  • Stakeholders
  • DPIA Lifecycle
  • Access
  • Planning
  • Identify Personal Data & Flows
  • Risk Assessment Framework
  • Create an Action Plan
  • Monitor Outcomes
  • Sample DPIA Questionnaire
  • What is a DPMP
  • Policy
  • People
  • Process
  • Maintenance 

Trainer Profile

Andy Prakash - OSINT Practitioner & Trainer

Andy Prakash​

Andy Prakash co-founded, Singapore’s first bug bounty platform, working with the top community of white hat hackers to identify and report vulnerabilities in businesses’ websites, mobile applications and systems.

As the Chief Information Officer, he has given speeches and conducted masterclasses for ACE startups, co-working spaces, Echelon by e27 (2019), Chamber of Commerce and even Interpol 2019.

Seeing a lapse in the Data Protection industry, he started Privacy Ninja, providing PDPA Consultancy, training, audit and Outsourced DPO services. He is the designated Data Protection Officer for numerous companies in Singapore and handles Data Protection matters on a day to day basis.

Andy is the the outsourced DPO for ongoing notable clients like Marina Bay Holdings Group, Adam Khoo Learning Technologies, Curtin University, GrandBanks and more.

He has also been featured on numerous media outlets like Channel News Asia, Channel 8 and Berita Harian, on data privacy, cyber security and its various associated topics.

Contact our sales team

Drop us your details and our sales Ninjas will get in touch in 24 hours


Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us