Upon completing this course, participants will be able to:
- Describe and explain the requirements under the Personal Data Protection Act
- Describe the various business activities and how non-compliance with the Personal Data Protection Act can occur during those activities
- Understand a risk matrix that can be used to assess risks of non-compliance with PDPA and risk controls that can be implemented in order to develop risk assessment report
- Carry out methods to resolve risks involved in different types of business activities
- Understand methods that can be used by an organization to maintain its compliance with the PDPA and thus reducing the risk of non-compliance with the PDPA in the long term
- Communicate PDPA risk management measures to relevant staff for them to familiarize themselves
- Develop improvements in risk countermeasures to reduce the likelihood of PDPA non-compliance in the future
Pre-requisites
The admission requirements are:
- There are no pre-requisites for this course. However, it is preferable that learners have the following assumed knowledge and experience and assumed skills.
- Understands relevant organisational strategies, objectives, culture, policies, processes and products / services
- Aware of compliance requirements of the organisation
- Read, write, and speak English at WPL Level 4
- Manipulate numbers at WPN Level 4
- Hardware & Software
- This course will be conducted as a Virtual Live Class (VLC) via Zoom platform.
- Participants must own a Zoom account and have a laptop or a desktop with “Zoom Client for Meetings” installed. Download from zoom.us/download.
| System Requirement |
| Must-have:
Please ensure that your computer or laptop meets the following requirements.
Good-to-have:
Not recommended: |
Course Outline
- Introduction to PDPA and how it affects business operations
- When and why PDPA was enacted
- Enforcement
- Penalties
- Key Requirements under Personal Data Protection Act
- 11 Key Obligations
- Accountability
- Notification
- Consent
- Purpose Limitation
- Accuracy
- Protection
- Retention Limitation
- Transfer Limitation
- Access and Correction
- Data Breach Notification
- Data Portability
- Do Not Call Provisions
- 11 Key Obligations
- Business activities impacted by requirements of Personal Data Protection Act and the risks that follows
- Internal activities
- Human Resource
- Procurement
- IT
- Transactions with vendors
- Activities involving customers and the public
- Video recording, CCTV surveillance and Photography
- NRIC collection
- Electronic Processing of Personal Data
- Internal activities
- Develop risk assessment report to highlight and manage risks
- Risk Matrix
- Risk Rating
- Risk control measures
- Report writing
- Action plans to manage risks
- Control measures
- Administrative
- Physical
- Technical
- Control measures
- Ensuring continuing compliance with the PDPA
- Staff training and communication
- Conducting Annual Review using PDPC issued tools
- Subscribing to services
Certificate Obtained and Conferred by
- Upon meeting the attendance and assessment(s) criteria, participants will be awarded with a digital Statement of Attainment (SOA), accredited by SkillsFuture Singapore. SOA will be reflected as [code name, ICT-SNA-3005-1.1 Business Risk Management].
- Upon meeting the attendance and assessment(s) criteria, participants will be awarded with a digital Certificate of Completion from NTUC LearningHub.
Categories
More Information
- NTUC LearningHub
Add a review