• Introduction
• Overview of the PDPA
• Definitions
• Personal Data
• Individual
• Organizations
• 9 Obligations
• Do Not Call (DNC) Provisions
• Collect, Use, Disclose, Storage
• Data Protection Officer
• Penalties
• Case Studies
• Module Assessment (MCQ) & Answer Review

• Introduction
• Obtaining Consent From An Individual
• Failure To Opt Out
• Obtaining Consent On Behalf Of An Individual
• When Consent Is Not Validly Given
• Deemed Consent
• Obtaining Personal Data From Third Parties
• Withdrawal Of Consent
• Facilitating The Withdrawal Of Consent
• Effect Of A Withdrawal Notice
• Exceptions To The Consent Obligation
• Publicly Available Data
• Purpose Limitation
• Informing An Individual Of The Purpose
• Manner And Form
• Providing Notification Through A Privacy Policy
• Information To Include When Stating Purposes
• Good Practice Considerations
• Use And Disclosure For A Different Purpose
• Sample Templates Review
• Case Studies
• Module Assessment (MCQ) & Answer Review

• Introduction
• Providing Access To Personal Data
• How Personal Data Has Been Used/Disclosed
• Response Time Frame For An Access Request
• Rejecting An Access Request
• Fees Chargeable To Process Access Obligation
• Exceptions To The Access Obligation
• Preservation Of Personal Data
• Obligation To Correct Personal Data
• Exceptions To The Correction Obligation
• Response Time For A Correction Request
• Form Of Access And Correction Requests
• Requirement Of Reasonable Effort
• Ensuring Accuracy Of Personal Data
• Sample Templates Review
• Case Studies
• Module Assessment (MCQ) & Answer Review

• Introduction
• Examples Of Security Arrangements
• Administrative Measures
• Physical Measures
• Technical Measures
• How Long Personal Data Can Be Retained
• Ceasing To Retain Personal Data
• Determine If Retention Of Personal Data Is Ceased
• Anonymising Personal Data
• Sample Templates Review
• Case Studies
• Module Assessment (MCQ) & Answer Review

• Introduction
• Conditions For Transfer Of Personal Data Overseas
• Scope Of Contractual Clauses
• Data In Transit
• Appointing A Data Protection Officer
• Registering Your Dpo With Pdpc
• Internal & External Data Protection Policies
• Communication To Staff On Policies & Practices
• Formalized Process For Access Request & Complaints
• Make Publicly Available The Dpo’s Contact Information
• Other Related Provisions
• Other Measures Relating To Accountability
• Sample Templates Review
• Case Studies
• Module Assessment (MCQ) & Answer Review

• Introduction
• Definition Of “Specified Message”
• Exclusions From The Definition Of Specified Message
• Duty To  Check  The  Dnc  Register
• Obtaining Clear  And Unambiguous Consent
• Consent Evidenced In Written Or Other Form
• Requiring Consent For Telemarketing As A Condition
• Other Obligations Relating To Consent
• Exemption For Certain Specified Messages
• Providing Information Identifying The Sender
• Providing Information For Recipient To Contact Sender
• Definition Of “Sender”
• Sending Specified Message To A Singapore Number
• Excluded Persons
• Defence For Employees
• Sending Specified Messages In A Joint Offering
• Locations Of Sender And Recipient
• Telemarketing On Personal Data Before Pdpa Effected
• Measures To Prevent Sending To Wrong Recipients
• Application To Cases
• Relevant PDPA Obligations
• Checklist Of Good Practices For Organisations
• Checklist Of Good Practices When Outsourcing
• Case Studies
• Module Assessment (MCQ) & Answer Review

• Introduction
• Email Spoofing Demonstration
• Redirection URL Links Demonstration
• Malicious Downloads
• Recommended Browser Settings
• Connecting To ‘free’ Wifi Hotspots
• Useful Links
• 10 Best Cyber Hygiene Practices
• Web Browser Security
• Browser Configuration
• Ublock Origin Plugin
• Browser Containers
• Browser Agents
• TOR Browser
• Browser Testing
• Virtual Private Networks
• Adopting ICT Security Measures
• Consolidated Checklist Of Good Practices
• Consolidated Checklist Of Enhanced Practices
• Physical Disposal Measures
• Shredding Issues And Practices
• Third Party Service Providers
• Case Studies
• Module Assessment (MCQ) & Answer Review

• Introduction
• Documenting Data Flows In The Organisation
• Data Inventory Map
• Data Flow Diagram
• When To Conduct A DPIA
• Who Should Be Involved
• DPIA Lifecycle
• Assess Need For DPIA
• Plan DPIA
• Identify Personal Data And Personal Data Flows
• Identify And Assess Data Protection Risks
• Risk Assessment Framework
• Create an Action Plan
• Implement Action Plan and Monitor Outcomes
• Sample Templates Review
• Module Assessment (MCQ) & Answer Review

• Introduction
• DPbD Principles
• DPbD and the Software Development Lifecycle
• DPbD for Existing ICT Systems
• Good DPbD Practices For ICT Systems
• Data Protection Impact Assessment (DPIA)
• Collection of Personal Data by ICT Systems
• Notification of Purpose & Data Protection Policy
• Getting Consent for Users’ Personal Data
• Development of ICT System
• Online Forms
• Access Control
• Testing of ICT System
• Access, Correction and Accuracy of PD in ICT Systems
• Housekeeping of Personal Data in ICT Systems
• User Device Security
• Exporting Data
• Retention of Personal Data in ICT Systems
• Maintenance Phase
• Setting Up A Website
• Key Considerations
• Outsourcing
• Website Security
• Security Policies And Processes
• Security Design
• PDPA Obligations
• Terminology
• Data Anonymisation Concepts
• Disclosure Risks
• Basic Data Anonymisation Techniques
• Putting It Together
• Summary
• Case Studies
• Module Assessment (MCQ) & Answer Review

Module Assessment (MCQ) & Answer Review

• Introduction
• Developing A DPMP
• Policy
• People
• Process
• PDPA Assessment Tool For Organisations (PATO)
• Risk Monitoring & Reporting Structure
• Maintenance
• Preparing For Data Breaches
• Responding To Data Breaches
• A.R.E
• Possible Causes Of Data Breaches
• Data Breach Notification To The PDPC
• Data Breach Notification To Affected Individuals
• Module Assessment (MCQ) & Answer Review
• Course Assessment (PDPC Corporate E-learning)