Law and Legal > Personal Data Protection Act 2010

Personal Data Protection Act 2010

Course Objectives

After completing this course, participants will be able to:

Understand the application of the Personal Data Protection Act 2010 and its related as a result of non-compliance.
To reorganize the practices and process the respective work areas to support data protection in line with Personal Data Protection Act 2010
Increase the data integrity and ensure business continuity without contamination and infringement.
Develop principles and mechanism to detect and prevent unauthorized management and dissemination of Personal Data.
To develop and execute a Risk Based Compliance Inspection Plan to protect personal data.

Target Audience

General Managers, Human Resource Managers, Compliance Officers. Marketing & Sales Managers

Methodology

Virtual Online Training Session via Zoom
Highly Interactive Session, with a bilateral approach to the subject participants to share incidences at respective work locations,
Case Studies.
Mind Mapping and Recap Sessions,
Breakout / Mini Workshop Session – allowing participants to develop their own process and to support subject matter and work in synergy with other participants.

Course Modules

- Who can authorise transfer
- Circumstances under which Data User can effect transfer within the ambits of PDPA 2010
  MODULE 1: The Underlying reason for the enactment of Personal Data Protection Act 2010
  - Increasing number of the following cases- Identity Theft, Data Loss, Unauthorized dissemination of data, Fraudulent Activities
  MODULE 2: Overview of Personal Data Protection Act 2010
  - Regulates processing of personal data
  - Only commercial transactions
  - Not data processed outside Malaysia
  - 7 Principles
  - Criminal
  - No civil remedies
  - Other supporting Regulations under PDPA 2010
  - Personal Data Protection Standards 2015
  - Proposed amendments to PDPA 2010 (What to be prepared for)
  MODULE 3: Data Subject, Data User & Data Processor
  - Definition
  - Categories
  MODULE 4: Personal data
  - What is Personal Data and its express and implied definition
  - Forms of Personal Data: As long as it identifies a data subject
  - Email – Whether it can be classified as personal data depends on the circumstances of the case.
  - IP address – Whether it can be classified as personal data depends on the manner in which it is disclosed.
  - Employer and Employee relationship. Data collated as pre-employment checks; Data volunteered just prior to employment; Data obtained during the course of employment.
  MODULE 5: Commercial Transaction
  - Any transaction of a commercial nature, whether contractual or not.
  - What are the areas of commercial activity that falls under the purview of Commercial >
  - Contracts (Data Processor Agreements)
  - Transfer of personal data overseas
  MODULE 6: Sensitive personal data
  - Definition and categories
  - Circumstances and conditions under which it can be processed or disseminated within the ambits of Personal Data Protection Act 2010
  MODULE 7: Processing – What constitutes Processing
  - Collecting
  - Recording
  - Holding
  - Storing
  - Organizing
  - Publishing on the Internet
  - Making available
  MODULE 8: Principles of Data Protection
  - For data to be processed lawfully in Malaysia, a data user shall comply with the following principles, namely
  - General Principle
  - Notice and Choice Principle
  - Disclosure Principle
  - Security Principle
  - Retention Principle
  - Data Integrity Principle
  - Access Principle
  (A detailed explanation coupled with examples and case studies of each principle will be shared with participants. The exception to the General Principle will also be discussed.)
  
  MODULE 9: In instances of crime prevention, the following principles must be upheld (at least):
  - General principle
  - Notice & choice principle
  - Disclosure principle
  - Access principle.
  MODULE 10: Rights of data subject
  - Right to access personal data
  - Right to correct personal data
  - Right to withdrawn consent
  - Right to prevent processing likely to cause damage or distress
  - Right to prevent processing for purpose of direct marketing
  MODULE 11: Transfer of Data Overseas
MODULE 12: What Constitutes an Offence under the Personal Data Protection Act 2010
- Summary of Offences
- Case Study
- Liabilities within the ambit of the act and its related impact

Get To Know The Trainer

Trainer Suresh

4.5

Suresh is trained and certified as an auditor and practitioner in the specialized area of Risk Management under the auspices of United States of America Customs and Border Protection(CTPAT Standards) and Transported Asset Protection Association (TAPA Standards), Asia. He is currently the Managing Director of Paradigm Resources specialized in providing risk management / assessment services for internal / external associates; consultation on brand standards / management / protection; contract management; outsourcing & subcontracting; and; human resources training and development programmes on various specialized topics, predominantly, risk management related subject matters, either on an one off or project basis.

VIEW PROFILE

Chat with us LIVE to get a

FREE QUOTATION!

COURSE INCLUDES

COURSE BENEFITS

ALL IN FROM ONLY

RM0/DAY

*T&C Applies

PARTICIPANT REVIEWS FOR THIS COURSE

4.7

HH
HASNYZAR BINTI HUSSIN
Executive, IT Management
5
MM
Myronn Marc Moncera
Senior Executive, Operations
5
B
Bavani
Executive, Quality Assurance
5
TW
Tan Chin Wuei
Assistant Manager, HR / Learning and Development
5
LE
Low Wei Ee
Manager / Supervisor, Others
5
Ny
Nur fazeera binti mohd yusof
Senior Manager, HR / Learning and Development
5
CS
Chow Wey Shin
Senior Manager, Accounting and Finance
3
Good training and sharing.