Compliance Guide to the Personal Data Protection Act
All organizations that process personal data (unless exempted) are subject to the PDPA. The PDPA requires that organizations must take certain steps including but not limited to not disclosing the personal data of employees without their consent, providing rights of access to such personal data and ensuring the right to correct such personal data. While there are certain exemptions to these obligations, it is clear that the organizations have a heavy responsibility particularly in light of the fact that criminal and civil consequences may be the result of one or more breaches of the PDPA. The objective of this one day course is to provide an explanation of the terms of the PDPA to a level that would allow all attendees to understand what steps they must take to ensure that their organizations comply with the same terms.
This workshop will allow the participants to effectively understand and perform the roles as Data Protection Officers through hands-on practical and also to gain the knowledge on how to tailor PDPA and operationalise them for your business to ensure full compliance.
- The Scope of PDPA
- How PDPA is enforced
- Understand the Principles of Data Protection
- How to be PDPA Compliant on Data Collection
- How, Why and What to Personal Data Disclosure
- Individual Rights under PDPA
- Data Protection Obligations
*Including a brief review of the scope of the European Union General Data Protection Regulation.
Who Should Attend?
This course is targeted at all officers and managers of any organization that handle personal data. This includes those in the Human Resources, Legal, Sales, Marketing, Finance, Compliance and Audit teams. Additionally, it is targeted at the executives of such organizations such as the Chief Executive Officer, President, Managing Director, Chief Financial Officer, Chief Information Officer and Directors who should also have a good knowledge of the PDPA. This is so they can supervise the employees who handle personal data as there are criminal and civil sanctions for the breach of the PDPA.
- Overview of the PDPA
- The scope of the term ‘personal data’ – what does the PDPA cover and what does it not cover. Some of the persons to whom the scope does not apply are employees acting in the course of their employment with an organization. It also does not apply to a public agency or organisation in the course of acting on behalf of a public agency in relation to the collection, use or disclosure of the personal data (as set out in the relevant rules). It also does not cover information such as an individual’s name, position name or title, business telephone number or business electronic which were not provided by the individual solely for his or her personal purposes.
- The general rules under the PDPA that govern the collection, use, disclosure and care of personal data. As summarized on the website of the Personal Data Protection Commission, this includes the rule that organisations may collect, use or disclose personal data only with the individual’s knowledge and consent; that organisationsmay collect, use or disclose personal data in an appropriate manner for the circumstances, and only if they have informed the individual of purposes for the collection, use or disclosure; and organisationsmay collect, use or disclose personal data only for purposes that would be considered appropriate to a reasonable person in the given circumstances. The exceptions to the various rules will also be discussed.
- The persons who are responsible for the collection, use, disclosure and care of personal data.
- The criminal and civil sanctions for breaches of the PDPA.
- The Do Not Call (DNC) Registry
Mr. Christopher Bridges has over 30 years’ experience as a litigator and practices General Litigation. His field of practice as a General Litigator is wide and varied. He is accredited on the List of Leading Counsel maintained by the High Court of Singapore which appoints on behalf of the State, senior criminal practitioners who are assisted by an assistant Counsel from a similar List of Assisting Counsel to represent a Defendant facing the Death Penalty and whose fees are paid for by the High Court.
He is also involved in the Academic Field as a Part Time Lecturer and has lectured at both the Singapore Polytechnic and Murdoch University where he conducts tutorials for Diploma Students in Business Law, covering topics on creation of contracts, employment rights and Law of International Trade which covers Carriage of Goods by Sea and Air, Maritime Insurance and Sale of Goods as well as Australian Consumer Law and Hospitality and Tourism Law.
Mr. Bridges graduated from the University of London in 1988 and was called to the Bar of England and Wales by the Honourable Society of the Inner Temple in 1989 after sitting for the Bar Finals where he won a Book Prize for Best Overseas Student in General Paper 1. He was admitted as an Advocate and Solicitor to The Supreme Court, Republic of Singapore on 6th June 1990. He is a Notary Public and a Commissioner for Oaths.