These slides consist the strategic talking points that are delivered in the Half-Day Public Seminar on Malaysian Personal Data Protection Act 2010 by Noriswadi Ismail of Quotient Consulting. (c) 2011 Quotient Consulting. For further academic enquiries, research and potential collaborations/consulting opportunities, please contact <noriswadi>
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Half day public seminar on pdpa 2010 - 250711
1. HALF-DAY PUBLIC SEMINAR ON MALAYSIAN PERSONAL DATA PROTECTION ACT (PDPA) 2010 25 July 2011, Monday, 9.30 am – 12 pm Legal Training Room, Menara SSM @ Sentral By Noriswadi Ismail Quotient Consulting 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable
2. Vignette 1 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable Harimau Malaya, Malaysian, holds a Malaysian ID, passport, driving license, 3 Malaysian bank accounts, 2 mobile accounts and 5 loyalty membership cards. His details are also registered in 2 private clinics, 1 government hospital and 2 insurance companies. He has 1 bank account in London and Hong Kong respectively. He travels frequently for business and golfing. He is a director of 3 companies in Malaysia, London and Hong Kong. Also, an avid golfer of 3 golf clubs (Malaysia, Indonesia and Scotland).
3. Executive Summary Q: What is PDPA 2010? Q: Why we need to comply with PDPA 2010? Q: What are the 7 data protection principles? Q: Will PDPA 2010 kill my business operations? Q: To what extend PDPA 2010 affects your business operations? Q: We are a start-up and a semi medium sized company, how should we strategise? Q: When should we start? Q: Is there any additional compliance cost for this purpose? Q: How about formality and enforcement? Q: What’s next and the must-to-do list? Q: How to ensure such data protection & privacy management sustainable? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable
4. What is PDPA 2010? ::: An Informational privacy legislation ::: 10 Parts (Preliminary, Personal Data Protection Principles, Registration, Data user forum and Code of practice, Rights of data subject, Exemption, Personal data Protection Fund, Personal Data Protection Advisory Committee, Appeal Tribunal, Inspection, Complaint and Investigation, Enforcement, Miscellaneous, Savings and Transitional Provisions) ::: 146 Sections ::: Jurisdiction: Malaysia 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable
5. What is PDPA 2010? ::: Received Royal Assent on 2 June 2010 , and gazetted a week later ::: Compliance commences: 3 months from the date of enforcement ::: Application: To commercial transactions only , not applicable to Federal and State Governments ::: Cross reference to: Electronic Commerce Act 2006’s definition on commercial transactions “…any transaction of a commercial nature, whether contractual or not, which includes any matters relating to the supply or exchange of goods or services, agency, investments, financing, banking, insurance, but does not include a credit reporting business carried out by a credit reporting agency…” 07/23/11 (c) 2011 Quotient Consulting, Information is Invaluable.
6. What is PDPA 2010? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable
7. What is PDPA 2010? *Regulator 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable
8. What is PDPA 2010? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable
9. What is PDPA 2010? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable
10. Why We need to comply with PDPA 2010? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable
11. What are the 7 data protection principles? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable
12. Will PDPA 2010 kill my business operations? ::: Yes, if, your business operations are inconsistent and non compliance with the PDPA 2010’s 7 data protection principles; ::: Yes, if, your business operations do not have the necessary framework, control, management and monitoring of the 7 data protection principles’ requirements; ::: No, as PDPA 2010 enhances trust, value and reputation of your business; and ::: No, as PDPA 2010 seeks to safeguard all of your data 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable
13. To what extend PDPA 2010 affects your business operations? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable
14. To what extend PDPA 2010 affects your business operations? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable
15. We are a start-up and a semi medium sized company, how should we strategise? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable
16. We are a start-up and a semi medium sized company, how should we strategise? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable
17. When should we start? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable
18. Vignette 2 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable Keranamu is a Government Consultant who advises on strategic acquisition of certain stakes in Company 76, a public listed company, incorporated in Hong Kong. The proposed acquisition is channeled through a leading Government Investment arm. Company 76 appoints an European-based consultant to act on their behalf in the negotiations.
19. Is there any additional compliance cost for this purpose? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable ::: Yes , subject to the budget, resource planning & business plans ::: No, if it has been anticipated
20. How about formality and enforcement? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable
21. How about formality and enforcement? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable
22. Vignette 3 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable Truly Asia Travels & Tours has been appointed by some governmental agencies and private companies as their exclusive travel agent. The terms of reference include managing such flight, hotel, travel itinerary and related bookings. The amount of data processing of data subjects, transfers and sharing are done globally.
23. What’s next and the to-do-list? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable ::: Strategic planning ::: Resource planning ::: Dissemination planning
24. What’s next and the to-do-list? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable ::: Strategic planning
25. What’s next and the to-do-list? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable ::: Resource Planning
26. What’s next and the to-do-list? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable ::: Dissemination Planning
27. How to ensure such data protection & privacy management sustainable? 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable
28. Vignette 4 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable Hospitals A1, A2 & A3 are government hospitals. These hospitals deal with patients who mostly consist the public and engage with local and international consultants.
29. Vignette 5 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable Universities B1, B2 & B3 are public universities. These universities engage with local and international students, consultants, international academics and universities globally.
30. THANK YOU QC TM London. Kuala Lumpur. Jakarta Data Diagnosis | Privacy Impact Assessment | Data Protection & Privacy Strategy Training | Data Protection & Privacy Certification | Public & Private Consultations <noriswadi@googlemail.com> 07/23/11 (c) 2011 Quotient Consulting, Information Is Invaluable