You will understand basic data classification and risk assessment techniques so as to enable you to identify, assess and address personal data protection risks. At the end of the course, you able to identify and resolve risks in relation to data protection and DNC provisions, business processes and data intermediaries. You will also learn how to conduct a Data Protection Impact Assessment.
Course Objectives
You will have knowledge of the following:
- Potential personal data breaches or incidents impacting business / IT processes or services
- Personal data breach recovery processes, action steps and options
- Reporting process and incident response in connection with compliance with the PDPA
- PDPCs Guide to Managing Data Breaches 2.0
You will be able to perform the following:
- Prepare data breach notifications to inform individuals and report to PDPC in the event of a personal data breach incident
- Test personal data breach response plan and conduct possible breach sceanarios to validate process
- Implement personal data breach activities as per data breach management plan
- Monitor outcomes of the personal data protection breach management plan against key performance benchmarks
- Implement and track recommendations made to mitigate future breach incidents
- Document observations and actions in incident record log
Pre-requisites
- You have attended and are competent for module titled Fundamentals of Personal Data Protection Act or its equivalent
- You are assumed to be able to:
- Understand relevant organisational strategies, objectives, culture, policies, processes and products / services
- Have information gathering skills to gather and collate necessary data
- Have analytical skills to assess policies and procedures
- Have business writing skills to prepare management report
- Have interpersonal and communication skills to interact with relevant stakeholders
- Have facilitation skills to ask the right questions to elicit necessary information
- Be aware of compliance requirements of organisation
Hardware & Software
This course will be conducted as a Virtual Live Class (VLC) via Zoom platform. Participants must own a zoom account and have a laptop or a desktop with “Zoom Client for Meetings” installed. This can be downloaded from https://zoom.us/download
System Requirement |
Must Have: Please ensure that your computer or laptop meets the following requirements.
Good to Have:
Not Recommended: |
Course Outline
Potential personal data breaches impacting business or IT
- Malicious activities
- Human error
- Computer system error
Managing personal data breaches using the CARE principle
- Containing the Breach
- Assessing the Risks and Impact
- Reporting the Breach
- Evaluate the Response
Reporting process and incident response in connection with compliance with PDPA
- Document observations in incident record log of incidents
- Post breach response
- Reporting breach internally
- Reporting breach to PDPC
- Reporting breach to affected individuals
Personal data breach recovery processes, action steps and options
- Test personal data breach response plan
- Implement personal data breach activities according to data breach management plan
- Implement and track recommendations to mitigate future breaches
Reference:
- Guide to Managing Data Breaches 2.0
- Guide to Active Enforcement
- Guide to Developing a Data Protection Management Programme
Categories
More Information
- NTUC LearningHub
Add a review