Data Protection Officer Certification
All organizations that process personal data (unless exempted) are subject to the PDPA. The PDPA requires that organizations must take certain steps including but not limited to not disclosing the personal data of employees without their consent, providing rights of access to such personal data and ensuring the right to correct such personal data. While there are certain exemptions to these obligations, it is clear that the organizations have a heavy responsibility particularly in light of the fact that criminal and civil consequences may be the result of one or more breaches of the PDPA.
The objective of this 3-day advanced course is to provide a step by step guide on how you can develop an effective and easy to maintain system within your organization to ensure that your organizational be in full compliance of the latest requirement.
- Introduction to Data Protection, Law and Statutes
- Data Lifecycle Management
- Gain a Comprehensive Understanding of Data Handling Policy and Procedures
- Ability to Identify and Prevent Potential Data Breach
- Understanding and Comply with Data Protection Ethical Guidelines
Who Should Attend?
- Officers and managers handling personal data
- Human Resources, Legal, Sales, Marketing,
- Finance, Compliance and Audit
- Chief Executive Officer, President,
- Managing Director, Chief Financial Officer,
- Chief Information Officer and Directors
Other Statement of Attainment, modular certificate or equivalent n.e.c.
Mr. Christopher Bridges has over 30 years’ experience as a litigator and practices General Litigation. His field of practice as a General Litigator is wide and varied. He is accredited on the List of Leading Counsel maintained by the High Court of Singapore which appoints on behalf of the State, senior criminal practitioners who are assisted by an assistant Counsel from a similar List of Assisting Counsel to represent a Defendant facing the Death Penalty and whose fees are paid for by the High Court.
He is also involved in the Academic Field as a Part Time Lecturer and has lectured at both the Singapore Polytechnic and Murdoch University where he conducts tutorials for Diploma Students in Business Law, covering topics on creation of contracts, employment rights and Law of International Trade which covers Carriage of Goods by Sea and Air, Maritime Insurance and Sale of Goods as well as Australian Consumer Law and Hospitality and Tourism Law.
Mr. Bridges graduated from the University of London in 1988 and was called to the Bar of England and Wales by the Honourable Society of the Inner Temple in 1989 after sitting for the Bar Finals where he won a Book Prize for Best Overseas Student in General Paper 1. He was admitted as an Advocate and Solicitor to The Supreme Court, Republic of Singapore on 6th June 1990. He is a Notary Public and a Commissioner for Oaths.
• An Updated View of the latest PDPA Requirement
1. The data protection provisions
2. The Do Not Call registry provisions
• Scope of significant terms under the PDPA such as but not limited to ‘personal data’, ‘individuals’, ‘organizations’, ‘data intermediaries’, ‘processing’, ‘collection’, ‘use and disclosure’, ‘reasonable’ and exclusions thereto. The scope of the 9 Obligations under the data protection provisions of the PDPA and exceptions thereto
1. The Consent Obligation
2. The Purpose Limitation Obligation
3. The Notification Obligation
4. The Access and Correction Obligation
5. The Accuracy Obligation
6. The Protection Obligation
7. The Retention Limitation Obligation
8. The Transfer Limitation Obligation
9. The Openness Obligation
• Data Protection Officer – Dos and Don’t
1. Your personal and organizational responsibilities
2. Appointment and Role
3. Responsibility to ensure compliance with the PDPA
4. Understanding the criminal and civil sanctions for breaches of the PDPA
5. Case Studies involving breaches and alleged breaches of the PDPA
1. What this means
2. When this is appropriate to be implemented
• Applicability of the PDPA to different situations
2. Photography, recordings and CCTV
3. Online matters
4. Personal identification documentation such as NRIC
• Developed an Effective System in place to ensure compliance with the PDPA
1. Awareness of the PDPA among management and employees
2. Internalizing the importance of the PDPA among all members of the organization
3. Training and updating all members of the organization on the PDPA and updates thereto by conducting A Personal Data Audit
4. What to do if the organization is not PDPA-compliant
• The Do Not Call (DNC) Registry
1. Establishment of the Registry
2. The registers that are maintained by the Registry
3. Obligations of organizations relating to the sending of marketing messages
4. Exceptions to the above obligations