Fundamentals of the Personal Data Protection Act (PDPA)

NTUC LearningHub

Course introduction

Gain an overview and understanding of PDPA. Learn on the legislative and regulatory requirements of PDPA Learn to prepare management report for follow-up.

Course Benefits

After completing this course, students will be able to:

  • Identify legislative and regulatory requirements under the PDPA that the organisation has to comply with,
  • Communicate key legislative and regulatory requirements under the PDPA and related management systems to relevant stakeholders to facilitate compliance,
  • Assess the organisations internal policies and procedures to ensure compliance,
  • Identify and document areas of non-compliance in business activities;
  • Assist in review of the organisations guidelines / policies for adherence to requirements under the PDPA,
  • Assist in the implementation of procedures to ensure adherence to requirements under the PDPA in the day-to-day operations of the organisation, and
  • Prepare management report for follow-up action.

Course Pre-Requisites

Students are assumed to be able to:

  • Understand relevant organisational strategies, objectives, culture, policies, processes and products / services;
  • Have information gathering skills to gather and collate necessary data;
  • Have analytical skills to assess policies and procedures;
  • Have business writing skills to prepare management report;
  • Have interpersonal and communication skills to interact with relevant stakeholders;
  • Have facilitation skills to ask the right questions to elicit necessary information; and
  • Be aware of compliance requirements of organisation.

Target Audience

The suitable students for this programme are likely to be:

  • Compliance Managers or Data Protection Officers (DPOs) and
  • Human Resource, Admin, IT personnel, Sales and Business Development Executive / Managers who need to be involved in data protection matters.

Course Outline

Introduction to Personal Data Protection Act (PDPA)

  • Objectives of the Data Protection Regime
  • Key Terms Personal Data, Business Contact Information (BCI), Individual & Organisations, Data Intermediary and Other Key Terms
  • Who Will Not be Impacted?
Data Protection Provisions and Do Not Call Provisions
  • PDPA 9 Key Obligations/ Consent Obligation/ Purpose Limitation Obligation/
  • Notification Obligation/ Access & Correction Obligation/ Accuracy Obligation
  • Protection Obligation/ Retention Limitation Obligation
  • Transfer Limitation Obligation/ Openness Obligation
  • Existing Data and Other Existing Laws
  • Selected Topics Employment, NRIC
Data Protection Provisions and Do Not Call Provisions
  • Selected Topics CCTV,  Anonymisation, Research & Analytics, Online Activities
  • Do Not Call Provisions:
  1. DNC Registry Specified Message and Examples
  2. Exemption Order
  3. DNC Operational Rules
  4. Spam Control Act
  • Assessment: Understanding Data Protection Provisions and Do Not Call Provisions under the PDPA
Roles of Data Protection Officer (DPO)
  • Appointment of DPO/ Possible Roles of a DPO/ Governance Structures
  • Assessment: Develop a Governance Structure for Your Organisation
Recap Lesson
  • Personal Data Protection Act/ Key Terms and Obligations of PDPA
  • Do Not Call Provisions
Create an Organisations Data Inventory Map (DIM) and Identify Possible Areas of Non-Compliance
  • What is a DIM and How to Create One for the Organisation
  • Example of a DIM
  • Assessment: Develop a DIM for Your Organisation. Explain Your DIM.
  • Assessment: Use the Checklist Provided, List 4 Possible Areas of Non-Compliance in Your Organisation
Develop a Process for Handling Complaints Relating to Data Protection
  • Typical Complaint Handling Process
  • What to Consider When Developing Process for Handling Complaints Relating to Data Protection
  • Example of Complaint Handling Process Relating to Data Protection
  • Assessment: Develop a Process for Handling Complaints Arising From a Breach of One of the 9 Key Obligations
Training and Communications to Staff
  • Objectives and Outcomes of Staff Training and Communications
  • What to Consider When Developing a Training and Communications Plan
  • Example of a Training and Communications Plan
  • Assessment: Create a Training and Communications Plan for Your Organisation

Available Course Sessions

Please click here to stay updated on upcoming sessions.

Trainer Profile

NTUC Learninghub Pte Ltd (Executive Arm of NTUC LearningHub)

NTUC LearningHub® employs industry experienced and vendor certified instructors. These instructors are required to achieve sufficient qualifications before leading a class. In addition, we work with partners to deliver the latest course materials and computer facilities so that students can learn critical skills and prepare for the examinations.