2 Days Personal Data Protection Act (PDPA) Course
The Singapore Personal Data Protection Act (“PDPA”) came into force over two phases, the provisions relating to the Do Not Call regime came into force at the beginning of 2014 and the remaining provisions of the PDPA came into force in the middle of 2014. Since then, many organizations are still grappling with the implementation of their compliance program to meet their obligations under the PDPA. Now, three years on, it is a good time for your organization to get updated on the latest regulation and compliance requirement within the framework of the advisory guidelines issued by the Personal Data Protection Commission.
A 2 Day Workshop to help your organization developed an Effective System to ensure Full compliance with the PDPA latest PDPA Requirement
The objective of this 2-day advanced course is to provide a step by step guide on how you can develop an effective and easy to maintain system within your organization to ensure that your organizational be in Full compliance of the latest Requirement
Exemptions to PDPA? What You Must Know
While there are certain exemptions to these obligations, it is clear that the organizations have a heavy responsibility particularly in light of the fact that criminal and civil consequences may be the result of one or more breaches of the PDPA.
Due to the serious potential consequences for breaches of the PDPA, in this 2-day Advanced PDPA workshop, we will be covering a detailed understanding of the critical provisions of the PDPA.It is hoped, thereby, that attendees will be able to ensure that their organizations are PDPA-compliant in all respects. Reference will be made to cases involving breaches and alleged breaches of the PDPA.
An Updated View of the latest PDPA Requirement
- The data protection provisions
- The Do Not Call registry provisions
Scope of significant terms under the PDPA such as but not limited to ‘personal data’, ‘individuals’, ‘organizations’, ‘data intermediaries’, ‘processing’, ‘collection’, ‘use and disclosure’, ‘reasonable’ and exclusions thereto.
The scope of the 9 Obligations under the data protection provisions of the PDPA and exceptions thereto
- The Consent Obligation
- The Purpose Limitation Obligation
- The Notification Obligation
- The Access and Correction Obligation
- The Accuracy Obligation
- The Protection Obligation
- The Retention Limitation Obligation
- The Transfer Limitation Obligation
- The Openness Obligation
Data Protection Officer – Dos and Don’t
- Your personal and organizational responsibilities
- Appointment and Role
- Responsibility to ensure compliance with the PDPA
- Understanding the criminal and civil sanctions for breaches of the PDPA
- Case Studies involving breaches and alleged breaches of the PDPA
- What this means
- When this is appropriate to be implemented
Applicability of the PDPA to different situations
- Photography, recordings and CCTV
- Online matters
- Personal identification documentation such as NRIC
Developed an Effective System in place to ensure compliance with the PDPA
- Awareness of the PDPA among management and employees
- Internalizing the importance of the PDPA among all members of the organization
- Training and updating all members of the organization on the PDPA and updates thereto by conducting A Personal Data Audit
- What to do if the organization is not PDPA-compliant
The Do Not Call (DNC) Registry
- Establishment of the Registry
- The registers that are maintained by the Registry
- Obligations of organizations relating to the sending of marketing messages
- Exceptions to the above obligations
*Including a brief review of the scope of the European Union General Data Protection Regulation.
Who Should Attend?
This course is targeted at all officers and managers of any organization that handle personal data particularly the Data Protection Officer. This includes those in the Human Resources, Legal, Sales, Marketing, Finance, Compliance and Audit teams.
Additionally, it is targeted at the executives of such organizations such as the Chief Executive Officer, President, Managing Director, Chief Financial Officer, Chief Information Officer and Directors who should also have a good knowledge of the PDPA. This is so they can supervise the employees who handle personal data as there are criminal and civil sanctions for the breach of the PDPA.
“An intelligent and knowledgeable facilitator! He gave very helpful case study and it was well-explained. I have learned quite a lot of new knowledge from him!” – Ong Bee Chong, Ministry of Education
“The trainer explained in simple layman terms even though he is a lawyer. He is very patient in explaining and we have learned a lot” – Florence Ho, Lions Home For Elders
Mr. Christopher Bridges has over 30 years’ experience as a litigator and practices General Litigation. His field of practice as a General Litigator is wide and varied. He is accredited on the List of Leading Counsel maintained by the High Court of Singapore which appoints on behalf of the State, senior criminal practitioners who are assisted by an assistant Counsel from a similar List of Assisting Counsel to represent a Defendant facing the Death Penalty and whose fees are paid for by the High Court.
He is also involved in the Academic Field as a Part Time Lecturer and has lectured at both the Singapore Polytechnic and Murdoch University where he conducts tutorials for Diploma Students in Business Law, covering topics on creation of contracts, employment rights and Law of International Trade which covers Carriage of Goods by Sea and Air, Maritime Insurance and Sale of Goods as well as Australian Consumer Law and Hospitality and Tourism Law.
Mr. Bridges graduated from the University of London in 1988 and was called to the Bar of England and Wales by the Honourable Society of the Inner Temple in 1989 after sitting for the Bar Finals where he won a Book Prize for Best Overseas Student in General Paper 1. He was admitted as an Advocate and Solicitor to The Supreme Court, Republic of Singapore on 6th June 1990. He is a Notary Public and a Commissioner for Oaths.