Compliance with the PDPA & Updates on the Proposed Mandatory Data Breach Reporting for SMEs, Non-Profit Organisations and Professional Services Firms

Description

The number of organisations breaching Singapore’s Personal Data Protection Act (PDPA) has jumped to a new annual high, well before the year is over. Fines are also at an all-time high, with a total of S$1.28 million in fines issued so far this year. Eighty per cent of the 90 organisations that received warnings or fines from the PDPC between 2016 and this year had breached a protection obligation.

The top five sectors guilty of PDPA breaches were finance (14 per cent), retail (14 per cent), volunteer welfare organisations (10 per cent), professional services (9 per cent), and food and beverage (9 per cent). Untrained employees, inadequate security controls and weak passwords were among the top 10 common causes of PDPA breaches.

Programme Outline

Participants will learn and appreciate the following:

  • The 9 legal obligations governing the Act so as to apply these legal principles in their different work situations and under scenarios
  • The obligations of employers and employees under the Act in managing personal data in their daily work such as collection of NRICs, the use and disclosure of their customers’ data and protection obligation under the Act
  • A basic introduction to data protection security technologies including free data protection tools and software from the Internet
  • Examination of live web sites with good data protection policies and what are the components required in a company’s data protection policy
  • The proposed mandatory data breach reporting regime scheduled for implementation in the future
  • An exercise to bring together the lessons learnt for the day and to apply the 9 legal obligations in the scenario

To achieve the above, the Trainer will cover the following areas:

  • Complying with the 9 legal obligation of the Personal Data Protection Act (2012) (“The Act”)
  • Salient features in the Act concerning business and not-for-profit organizations for both employers and employees
  • Application of the Act to practical areas such as CCTV, collection of NRICS and simple-to-use data protection tools
  • Active Enforcement Framework launched in May 2019
  • Proposed Mandatory Data Breach Reporting Regime

Expert Speaker

K. K. Lim
Head, Cybersecurity, Privacy and Data Protection
Eversheds Harry Elias LLP  

A well-recognised figure in the information security and legal technology fraternity, KK is often invited to speak on technology law, risk compliance and cybersecurity and data protection in conferences and forums. Prior to being called to the Singapore Bar, KK worked for both the public and private sectors such as the Singapore Government, PLCs listed in Singapore and New York in the fields of technology policy, market research and information security consulting and data privacy including being the Chief Privacy Officer (APAC) for a global healthcare research company.

KK has also published in Privacy Advisor, a publication of the International Association of Privacy Professionals (IAPP) and the inaugural chapter contributor to Global Privacy & Security Law, a publication of Wolters Kluwer.

KK holds a Bachelor of Arts in Government and Psychology (University of Texas at Austin), a Bachelor of Laws (Monash University), a Master of Laws (National University of Singapore), a Specialist Diploma in Information Systems Security (Temasek Polytechnic) and is a Certified Information Security Manager (CISM). He is a co - founding member of The Association of Information Security Professionals (AiSP)(Singapore) as well as its former Secretary.

In addition to being the current Chair of the Cybersecurity and Data Protection Committee of The Law Society of Singapore, KK is also a Consultant with the Institute of Systems Science (ISS), National University of Singapore and an Adjunct Faculty Member of the Singapore Institute of Technology.

  • Feb 24
    Mon, 9:30 AM - Mon, 4:00 PM Singapore Marriott Tang Plaza Hotel
    • $470.80 incl. GST (7%)
    • PD hours: 5.5

Coming Soon

All Coming Soon >>

One-Connection-One-Fee

Our webinars operate on a 'one-connection-one-fee' basis so you can have your whole team participate for one cost effective price and claim CPD points.

Recordings

Like the topic but can’t make the time? Register for the Live Session and you’ll receive the Recording regardless! You can watch it as many times as you like for up to 6 months. You will also receive Supporting Documentation.