SlideShare a Scribd company logo
Malaysia: Personal
Data Protection Act
(PDPA) 2010
Hairul Hafiz B
Hasbullah
Data Protection: (Part 2)
WHAT’S NEXT?
RING A BELL ?
WHAT YOU WILL LEARN?
• Refresher
• MyCEB PDPA Policy and Clauses in
Agreement
• Where are We?
• Action Plan
REFRESHER
Personal Data is
Information about an individual that is recorded in any
form
Types of Data
Data Subject/ User/Processor
What is Personal Data?
NRIC, Home address, age, blood type, marital status,
credit card etc
WHAT YOU WILL LEARN:
REFRESHER
What is the 7 Principles?
1 General
2 Notice & Choice
3 Disclosure
4 Security
5 Retention
6 Integrity
7 Access
WHAT IS YOUR RIGHT?
MyCEB PDPA POLICY AND CLAUSES
MyCEB PDPA POLICY AND CLAUSES
WHERE ARE WE ?
Collection of Personal Data
1 Do you collect personal data about your customer
2 Do you have a personal data inventory map on ( what data is collected?/
who collects?/ where it is stored?/ who it is disclosed to?
3 When collecting personal data, do you clearly inform the individual the
purpose for which it will be collected and obtain consent?
4 Do you ensure that 3rd party has obtained consent from the individuals
to disclose the personal data?
5 Is there a formal process for the withdrawal of consent by individuals in
respect of the collection?
WHERE ARE WE ?
Use Of Personal Data
6 Do you limit the use of personal data collected to only purposes that you
have obtained consent for?
7 Before data protection requirements of the PDPA come into operation,
are you using the personal data only for purposes that it was collected
for?
Disclosure of Personal Data
8 Do you limit the disclosure of personal data collected to only purposes
that you have obtained consent for?
WHERE ARE WE ?
Access and Rights
9 Have you established a formal procedure to handle requests for access
to personal data?
10 Do you have a list of 3rd party organisations to whom personal data was
disclosed and for what purpose?
11 Have you established a formal procedure to handle correction requests of
personal data?
Protection Obligation
12 Have you assessed the personal data protection risks within your
organisation and put in place personal data security policies?
13 Is the personal data that you hold adequately classified
14 Is the personal data kept in a secure manner?
WHERE ARE WE ?
Retention Limitation
15 Is there regular data housekeeping
16 Do you remove personal data no longer needed for business or legal
purposes?
ACTION PLAN
BE & MME
Implementation: Stage 2
• Forms & Agreements (Internal & External)
• Person In Charge for each Division
• Established Retention Policy on Data
• Housekeeping (Clean up Data and update)
• Provide an access for Data Subject to amend
• Exercise PDPA Policy Form across the board
CONGRATULATIONS!
You have just completed Privacy and Personal
data (Part 1) under MyCEB Personal Data Protection
2010
THANK YOU

More Related Content

What's hot

The Data Protection Act
The Data Protection ActThe Data Protection Act
The Data Protection Act
SaimaRafiq
 
The Data Protection Act What You Need To Know
The Data Protection Act   What You Need To KnowThe Data Protection Act   What You Need To Know
The Data Protection Act What You Need To Know
EamonnORagh
 
Applying the Personal Data Protection Act (Singapore)
Applying the Personal Data Protection Act (Singapore)Applying the Personal Data Protection Act (Singapore)
Applying the Personal Data Protection Act (Singapore)
Benjamin Ang
 
Data Protection Act
Data Protection ActData Protection Act
Data Protection Act
mrmwood
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)
Russell_Kennedy
 
The Personal Data Protection Act challenge in Singapore
The Personal Data Protection Act challenge in SingaporeThe Personal Data Protection Act challenge in Singapore
The Personal Data Protection Act challenge in Singapore
Jean Luc Creppy
 
Data Protection (Download for slideshow)
Data Protection (Download for slideshow)Data Protection (Download for slideshow)
Data Protection (Download for slideshow)
Andrew Sharpe
 
General data protection
General data protectionGeneral data protection
General data protection
BrijeshR3
 
Popi act presentation
Popi act presentationPopi act presentation
Popi act presentation
Kholisile Mazaza
 
Data Protection Guidelines
Data Protection GuidelinesData Protection Guidelines
Data Protection Guidelines
David Scanlon
 
Things to know about GDPR in 2018
Things to know about GDPR in 2018Things to know about GDPR in 2018
Things to know about GDPR in 2018
Webkul Software Pvt. Ltd.
 
Merit Event - Understanding and Managing Data Protection
Merit Event - Understanding and Managing Data ProtectionMerit Event - Understanding and Managing Data Protection
Merit Event - Understanding and Managing Data Protection
meritnorthwest
 
Data protection ppt
Data protection pptData protection ppt
Data protection ppt
grahamwell
 
ITIL CSI approach for PDPA Management
ITIL CSI approach for PDPA ManagementITIL CSI approach for PDPA Management
ITIL CSI approach for PDPA Management
Heng Meng Tan
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPR
DipanjanDey12
 
Data protection act
Data protection act Data protection act
Data protection act
Iqbal Bocus
 
Safety And Security Of Data 4
Safety And Security Of Data 4Safety And Security Of Data 4
Safety And Security Of Data 4
Wynthorpe
 
Intercity technology - GDPR your training toolkit
Intercity technology - GDPR your training toolkitIntercity technology - GDPR your training toolkit
Intercity technology - GDPR your training toolkit
joshquarrie
 
EU GDPR (training)
EU GDPR (training)  EU GDPR (training)
EU GDPR (training)
Elizabeth Baker, JD, CRCMP
 
Data Privacy in India and data theft
Data Privacy in India and data theftData Privacy in India and data theft
Data Privacy in India and data theft
Amber Gupta
 

What's hot (20)

The Data Protection Act
The Data Protection ActThe Data Protection Act
The Data Protection Act
 
The Data Protection Act What You Need To Know
The Data Protection Act   What You Need To KnowThe Data Protection Act   What You Need To Know
The Data Protection Act What You Need To Know
 
Applying the Personal Data Protection Act (Singapore)
Applying the Personal Data Protection Act (Singapore)Applying the Personal Data Protection Act (Singapore)
Applying the Personal Data Protection Act (Singapore)
 
Data Protection Act
Data Protection ActData Protection Act
Data Protection Act
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)
 
The Personal Data Protection Act challenge in Singapore
The Personal Data Protection Act challenge in SingaporeThe Personal Data Protection Act challenge in Singapore
The Personal Data Protection Act challenge in Singapore
 
Data Protection (Download for slideshow)
Data Protection (Download for slideshow)Data Protection (Download for slideshow)
Data Protection (Download for slideshow)
 
General data protection
General data protectionGeneral data protection
General data protection
 
Popi act presentation
Popi act presentationPopi act presentation
Popi act presentation
 
Data Protection Guidelines
Data Protection GuidelinesData Protection Guidelines
Data Protection Guidelines
 
Things to know about GDPR in 2018
Things to know about GDPR in 2018Things to know about GDPR in 2018
Things to know about GDPR in 2018
 
Merit Event - Understanding and Managing Data Protection
Merit Event - Understanding and Managing Data ProtectionMerit Event - Understanding and Managing Data Protection
Merit Event - Understanding and Managing Data Protection
 
Data protection ppt
Data protection pptData protection ppt
Data protection ppt
 
ITIL CSI approach for PDPA Management
ITIL CSI approach for PDPA ManagementITIL CSI approach for PDPA Management
ITIL CSI approach for PDPA Management
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPR
 
Data protection act
Data protection act Data protection act
Data protection act
 
Safety And Security Of Data 4
Safety And Security Of Data 4Safety And Security Of Data 4
Safety And Security Of Data 4
 
Intercity technology - GDPR your training toolkit
Intercity technology - GDPR your training toolkitIntercity technology - GDPR your training toolkit
Intercity technology - GDPR your training toolkit
 
EU GDPR (training)
EU GDPR (training)  EU GDPR (training)
EU GDPR (training)
 
Data Privacy in India and data theft
Data Privacy in India and data theftData Privacy in India and data theft
Data Privacy in India and data theft
 

Similar to PDPA 2010 (part 2) - What's Next?

GDPR: Day 1 and beyond
GDPR: Day 1 and beyondGDPR: Day 1 and beyond
Vanessa Baic
Vanessa BaicVanessa Baic
Vanessa Baic
Informa Australia
 
GDPR - Sink or Swim
GDPR - Sink or SwimGDPR - Sink or Swim
GDPR - Sink or Swim
Guy Griffiths
 
Preparing your Business for the Data Protection Bill
Preparing your Business for the Data Protection BillPreparing your Business for the Data Protection Bill
Preparing your Business for the Data Protection Bill
Symptai Consulting Limited
 
What does GDPR mean for your charity?
What does GDPR mean for your charity?What does GDPR mean for your charity?
What does GDPR mean for your charity?
NCVO - National Council for Voluntary Organisations
 
PDPA Compliance Preparation
PDPA Compliance PreparationPDPA Compliance Preparation
PDPA Compliance Preparation
LawPlus Ltd.
 
Gdpr presentation
Gdpr presentationGdpr presentation
Gdpr presentation
Iain Wicks MCIPR
 
data-privacy-egypt-what-you-need-know-en.pdf
data-privacy-egypt-what-you-need-know-en.pdfdata-privacy-egypt-what-you-need-know-en.pdf
data-privacy-egypt-what-you-need-know-en.pdf
kiruthigajawahar6
 
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...
Harrison Clark Rickerbys
 
Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...
Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...
Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...
Michael Sukachev
 
What You Should Know About Data Privacy- Knobbe Martens Webinar Series for St...
What You Should Know About Data Privacy- Knobbe Martens Webinar Series for St...What You Should Know About Data Privacy- Knobbe Martens Webinar Series for St...
What You Should Know About Data Privacy- Knobbe Martens Webinar Series for St...
Knobbe Martens - Intellectual Property Law
 
GDPR in the Healthcare Industry
GDPR in the Healthcare IndustryGDPR in the Healthcare Industry
GDPR in the Healthcare Industry
EMMAIntl
 
GDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business AdvisorsGDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business Advisors
Harrison Clark Rickerbys
 
The 22nd Legal Forum Seminar (Nov 2021)
The 22nd Legal Forum Seminar (Nov 2021)The 22nd Legal Forum Seminar (Nov 2021)
The 22nd Legal Forum Seminar (Nov 2021)
LawPlus Ltd.
 
CBC GDPR – 1 month to go
CBC GDPR –  1 month to goCBC GDPR –  1 month to go
CBC GDPR – 1 month to go
Jason Chapman
 
Gdpr powerpoint 15.01.18
Gdpr powerpoint 15.01.18Gdpr powerpoint 15.01.18
Gdpr powerpoint 15.01.18
Jon Rathbone
 
Conducting a self-audit of data protection compliance
Conducting a self-audit of data protection complianceConducting a self-audit of data protection compliance
Conducting a self-audit of data protection compliance
Fintan Swanton
 
B2: Fundraising in an age of GDPR
B2: Fundraising in an age of GDPRB2: Fundraising in an age of GDPR
B2: Fundraising in an age of GDPR
NCVO - National Council for Voluntary Organisations
 
Implementing And Managing A Multinational Privacy Program
Implementing And Managing A Multinational Privacy ProgramImplementing And Managing A Multinational Privacy Program
Implementing And Managing A Multinational Privacy Program
MSpadea
 
2014 dpa training february nn
2014 dpa training february nn2014 dpa training february nn
2014 dpa training february nn
Lawrence Serewicz
 

Similar to PDPA 2010 (part 2) - What's Next? (20)

GDPR: Day 1 and beyond
GDPR: Day 1 and beyondGDPR: Day 1 and beyond
GDPR: Day 1 and beyond
 
Vanessa Baic
Vanessa BaicVanessa Baic
Vanessa Baic
 
GDPR - Sink or Swim
GDPR - Sink or SwimGDPR - Sink or Swim
GDPR - Sink or Swim
 
Preparing your Business for the Data Protection Bill
Preparing your Business for the Data Protection BillPreparing your Business for the Data Protection Bill
Preparing your Business for the Data Protection Bill
 
What does GDPR mean for your charity?
What does GDPR mean for your charity?What does GDPR mean for your charity?
What does GDPR mean for your charity?
 
PDPA Compliance Preparation
PDPA Compliance PreparationPDPA Compliance Preparation
PDPA Compliance Preparation
 
Gdpr presentation
Gdpr presentationGdpr presentation
Gdpr presentation
 
data-privacy-egypt-what-you-need-know-en.pdf
data-privacy-egypt-what-you-need-know-en.pdfdata-privacy-egypt-what-you-need-know-en.pdf
data-privacy-egypt-what-you-need-know-en.pdf
 
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...
 
Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...
Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...
Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...
 
What You Should Know About Data Privacy- Knobbe Martens Webinar Series for St...
What You Should Know About Data Privacy- Knobbe Martens Webinar Series for St...What You Should Know About Data Privacy- Knobbe Martens Webinar Series for St...
What You Should Know About Data Privacy- Knobbe Martens Webinar Series for St...
 
GDPR in the Healthcare Industry
GDPR in the Healthcare IndustryGDPR in the Healthcare Industry
GDPR in the Healthcare Industry
 
GDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business AdvisorsGDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business Advisors
 
The 22nd Legal Forum Seminar (Nov 2021)
The 22nd Legal Forum Seminar (Nov 2021)The 22nd Legal Forum Seminar (Nov 2021)
The 22nd Legal Forum Seminar (Nov 2021)
 
CBC GDPR – 1 month to go
CBC GDPR –  1 month to goCBC GDPR –  1 month to go
CBC GDPR – 1 month to go
 
Gdpr powerpoint 15.01.18
Gdpr powerpoint 15.01.18Gdpr powerpoint 15.01.18
Gdpr powerpoint 15.01.18
 
Conducting a self-audit of data protection compliance
Conducting a self-audit of data protection complianceConducting a self-audit of data protection compliance
Conducting a self-audit of data protection compliance
 
B2: Fundraising in an age of GDPR
B2: Fundraising in an age of GDPRB2: Fundraising in an age of GDPR
B2: Fundraising in an age of GDPR
 
Implementing And Managing A Multinational Privacy Program
Implementing And Managing A Multinational Privacy ProgramImplementing And Managing A Multinational Privacy Program
Implementing And Managing A Multinational Privacy Program
 
2014 dpa training february nn
2014 dpa training february nn2014 dpa training february nn
2014 dpa training february nn
 

Recently uploaded

一比一原版(trent毕业证书)加拿大特伦特大学毕业证如何办理
一比一原版(trent毕业证书)加拿大特伦特大学毕业证如何办理一比一原版(trent毕业证书)加拿大特伦特大学毕业证如何办理
一比一原版(trent毕业证书)加拿大特伦特大学毕业证如何办理
mecyyn
 
Comparative analysis of ipc and bharitye Naya sahinta
Comparative analysis of ipc and bharitye Naya sahintaComparative analysis of ipc and bharitye Naya sahinta
Comparative analysis of ipc and bharitye Naya sahinta
adi2292
 
Capital Punishment by Saif Javed (LLM)ppt.pptx
Capital Punishment by Saif Javed (LLM)ppt.pptxCapital Punishment by Saif Javed (LLM)ppt.pptx
Capital Punishment by Saif Javed (LLM)ppt.pptx
OmGod1
 
一比一原版加拿大多伦多大学毕业证(uoft毕业证书)如何办理
一比一原版加拿大多伦多大学毕业证(uoft毕业证书)如何办理一比一原版加拿大多伦多大学毕业证(uoft毕业证书)如何办理
一比一原版加拿大多伦多大学毕业证(uoft毕业证书)如何办理
onduyv
 
Should AI hold Intellectual Property Rights?
Should AI hold Intellectual Property Rights?Should AI hold Intellectual Property Rights?
Should AI hold Intellectual Property Rights?
RoseZubler1
 
一比一原版牛津布鲁克斯大学毕业证(牛布毕业证)如何办理
一比一原版牛津布鲁克斯大学毕业证(牛布毕业证)如何办理一比一原版牛津布鲁克斯大学毕业证(牛布毕业证)如何办理
一比一原版牛津布鲁克斯大学毕业证(牛布毕业证)如何办理
meboh
 
快速办理(SCU毕业证书)澳洲南十字星大学毕业证文凭证书一模一样
快速办理(SCU毕业证书)澳洲南十字星大学毕业证文凭证书一模一样快速办理(SCU毕业证书)澳洲南十字星大学毕业证文凭证书一模一样
快速办理(SCU毕业证书)澳洲南十字星大学毕业证文凭证书一模一样
15e6o6u
 
Corporate Governance : Scope and Legal Framework
Corporate Governance : Scope and Legal FrameworkCorporate Governance : Scope and Legal Framework
Corporate Governance : Scope and Legal Framework
devaki57
 
一比一原版(uwlc毕业证书)美国威斯康星大学拉克罗斯分校毕业证如何办理
一比一原版(uwlc毕业证书)美国威斯康星大学拉克罗斯分校毕业证如何办理一比一原版(uwlc毕业证书)美国威斯康星大学拉克罗斯分校毕业证如何办理
一比一原版(uwlc毕业证书)美国威斯康星大学拉克罗斯分校毕业证如何办理
qevye
 
原版定做(sheffield学位证书)英国谢菲尔德大学毕业证文凭证书原版一模一样
原版定做(sheffield学位证书)英国谢菲尔德大学毕业证文凭证书原版一模一样原版定做(sheffield学位证书)英国谢菲尔德大学毕业证文凭证书原版一模一样
原版定做(sheffield学位证书)英国谢菲尔德大学毕业证文凭证书原版一模一样
abondo3
 
Indonesian Manpower Regulation on Severance Pay for Retiring Private Sector E...
Indonesian Manpower Regulation on Severance Pay for Retiring Private Sector E...Indonesian Manpower Regulation on Severance Pay for Retiring Private Sector E...
Indonesian Manpower Regulation on Severance Pay for Retiring Private Sector E...
AHRP Law Firm
 
Safeguarding Against Financial Crime: AML Compliance Regulations Demystified
Safeguarding Against Financial Crime: AML Compliance Regulations DemystifiedSafeguarding Against Financial Crime: AML Compliance Regulations Demystified
Safeguarding Against Financial Crime: AML Compliance Regulations Demystified
PROF. PAUL ALLIEU KAMARA
 
一比一原版林肯大学毕业证(lincoln毕业证)如何办理
一比一原版林肯大学毕业证(lincoln毕业证)如何办理一比一原版林肯大学毕业证(lincoln毕业证)如何办理
一比一原版林肯大学毕业证(lincoln毕业证)如何办理
fexbqa
 
一比一原版英国伦敦大学亚非学院毕业证(soas毕业证书)如何办理
一比一原版英国伦敦大学亚非学院毕业证(soas毕业证书)如何办理一比一原版英国伦敦大学亚非学院毕业证(soas毕业证书)如何办理
一比一原版英国伦敦大学亚非学院毕业证(soas毕业证书)如何办理
duxss
 
一比一原版(uwgb毕业证书)美国威斯康星大学绿湾分校毕业证如何办理
一比一原版(uwgb毕业证书)美国威斯康星大学绿湾分校毕业证如何办理一比一原版(uwgb毕业证书)美国威斯康星大学绿湾分校毕业证如何办理
一比一原版(uwgb毕业证书)美国威斯康星大学绿湾分校毕业证如何办理
pdeehy
 
一比一原版(ual毕业证书)伦敦艺术大学毕业证如何办理
一比一原版(ual毕业证书)伦敦艺术大学毕业证如何办理一比一原版(ual毕业证书)伦敦艺术大学毕业证如何办理
一比一原版(ual毕业证书)伦敦艺术大学毕业证如何办理
ayvace
 
一比一原版(liverpool毕业证书)利物浦大学毕业证如何办理
一比一原版(liverpool毕业证书)利物浦大学毕业证如何办理一比一原版(liverpool毕业证书)利物浦大学毕业证如何办理
一比一原版(liverpool毕业证书)利物浦大学毕业证如何办理
aypxuyw
 
Business Laws Sunita saha
Business Laws Sunita sahaBusiness Laws Sunita saha
Business Laws Sunita saha
sunitasaha5
 
THE CONCEPT OF RIGHT TO DEFAULT BAIL.pptx
THE CONCEPT OF RIGHT TO DEFAULT BAIL.pptxTHE CONCEPT OF RIGHT TO DEFAULT BAIL.pptx
THE CONCEPT OF RIGHT TO DEFAULT BAIL.pptx
Namrata Chakraborty
 
一比一原版多伦多都会大学毕业证(TMU毕业证书)学历如何办理
一比一原版多伦多都会大学毕业证(TMU毕业证书)学历如何办理一比一原版多伦多都会大学毕业证(TMU毕业证书)学历如何办理
一比一原版多伦多都会大学毕业证(TMU毕业证书)学历如何办理
woywevt
 

Recently uploaded (20)

一比一原版(trent毕业证书)加拿大特伦特大学毕业证如何办理
一比一原版(trent毕业证书)加拿大特伦特大学毕业证如何办理一比一原版(trent毕业证书)加拿大特伦特大学毕业证如何办理
一比一原版(trent毕业证书)加拿大特伦特大学毕业证如何办理
 
Comparative analysis of ipc and bharitye Naya sahinta
Comparative analysis of ipc and bharitye Naya sahintaComparative analysis of ipc and bharitye Naya sahinta
Comparative analysis of ipc and bharitye Naya sahinta
 
Capital Punishment by Saif Javed (LLM)ppt.pptx
Capital Punishment by Saif Javed (LLM)ppt.pptxCapital Punishment by Saif Javed (LLM)ppt.pptx
Capital Punishment by Saif Javed (LLM)ppt.pptx
 
一比一原版加拿大多伦多大学毕业证(uoft毕业证书)如何办理
一比一原版加拿大多伦多大学毕业证(uoft毕业证书)如何办理一比一原版加拿大多伦多大学毕业证(uoft毕业证书)如何办理
一比一原版加拿大多伦多大学毕业证(uoft毕业证书)如何办理
 
Should AI hold Intellectual Property Rights?
Should AI hold Intellectual Property Rights?Should AI hold Intellectual Property Rights?
Should AI hold Intellectual Property Rights?
 
一比一原版牛津布鲁克斯大学毕业证(牛布毕业证)如何办理
一比一原版牛津布鲁克斯大学毕业证(牛布毕业证)如何办理一比一原版牛津布鲁克斯大学毕业证(牛布毕业证)如何办理
一比一原版牛津布鲁克斯大学毕业证(牛布毕业证)如何办理
 
快速办理(SCU毕业证书)澳洲南十字星大学毕业证文凭证书一模一样
快速办理(SCU毕业证书)澳洲南十字星大学毕业证文凭证书一模一样快速办理(SCU毕业证书)澳洲南十字星大学毕业证文凭证书一模一样
快速办理(SCU毕业证书)澳洲南十字星大学毕业证文凭证书一模一样
 
Corporate Governance : Scope and Legal Framework
Corporate Governance : Scope and Legal FrameworkCorporate Governance : Scope and Legal Framework
Corporate Governance : Scope and Legal Framework
 
一比一原版(uwlc毕业证书)美国威斯康星大学拉克罗斯分校毕业证如何办理
一比一原版(uwlc毕业证书)美国威斯康星大学拉克罗斯分校毕业证如何办理一比一原版(uwlc毕业证书)美国威斯康星大学拉克罗斯分校毕业证如何办理
一比一原版(uwlc毕业证书)美国威斯康星大学拉克罗斯分校毕业证如何办理
 
原版定做(sheffield学位证书)英国谢菲尔德大学毕业证文凭证书原版一模一样
原版定做(sheffield学位证书)英国谢菲尔德大学毕业证文凭证书原版一模一样原版定做(sheffield学位证书)英国谢菲尔德大学毕业证文凭证书原版一模一样
原版定做(sheffield学位证书)英国谢菲尔德大学毕业证文凭证书原版一模一样
 
Indonesian Manpower Regulation on Severance Pay for Retiring Private Sector E...
Indonesian Manpower Regulation on Severance Pay for Retiring Private Sector E...Indonesian Manpower Regulation on Severance Pay for Retiring Private Sector E...
Indonesian Manpower Regulation on Severance Pay for Retiring Private Sector E...
 
Safeguarding Against Financial Crime: AML Compliance Regulations Demystified
Safeguarding Against Financial Crime: AML Compliance Regulations DemystifiedSafeguarding Against Financial Crime: AML Compliance Regulations Demystified
Safeguarding Against Financial Crime: AML Compliance Regulations Demystified
 
一比一原版林肯大学毕业证(lincoln毕业证)如何办理
一比一原版林肯大学毕业证(lincoln毕业证)如何办理一比一原版林肯大学毕业证(lincoln毕业证)如何办理
一比一原版林肯大学毕业证(lincoln毕业证)如何办理
 
一比一原版英国伦敦大学亚非学院毕业证(soas毕业证书)如何办理
一比一原版英国伦敦大学亚非学院毕业证(soas毕业证书)如何办理一比一原版英国伦敦大学亚非学院毕业证(soas毕业证书)如何办理
一比一原版英国伦敦大学亚非学院毕业证(soas毕业证书)如何办理
 
一比一原版(uwgb毕业证书)美国威斯康星大学绿湾分校毕业证如何办理
一比一原版(uwgb毕业证书)美国威斯康星大学绿湾分校毕业证如何办理一比一原版(uwgb毕业证书)美国威斯康星大学绿湾分校毕业证如何办理
一比一原版(uwgb毕业证书)美国威斯康星大学绿湾分校毕业证如何办理
 
一比一原版(ual毕业证书)伦敦艺术大学毕业证如何办理
一比一原版(ual毕业证书)伦敦艺术大学毕业证如何办理一比一原版(ual毕业证书)伦敦艺术大学毕业证如何办理
一比一原版(ual毕业证书)伦敦艺术大学毕业证如何办理
 
一比一原版(liverpool毕业证书)利物浦大学毕业证如何办理
一比一原版(liverpool毕业证书)利物浦大学毕业证如何办理一比一原版(liverpool毕业证书)利物浦大学毕业证如何办理
一比一原版(liverpool毕业证书)利物浦大学毕业证如何办理
 
Business Laws Sunita saha
Business Laws Sunita sahaBusiness Laws Sunita saha
Business Laws Sunita saha
 
THE CONCEPT OF RIGHT TO DEFAULT BAIL.pptx
THE CONCEPT OF RIGHT TO DEFAULT BAIL.pptxTHE CONCEPT OF RIGHT TO DEFAULT BAIL.pptx
THE CONCEPT OF RIGHT TO DEFAULT BAIL.pptx
 
一比一原版多伦多都会大学毕业证(TMU毕业证书)学历如何办理
一比一原版多伦多都会大学毕业证(TMU毕业证书)学历如何办理一比一原版多伦多都会大学毕业证(TMU毕业证书)学历如何办理
一比一原版多伦多都会大学毕业证(TMU毕业证书)学历如何办理
 

PDPA 2010 (part 2) - What's Next?

  • 1. Malaysia: Personal Data Protection Act (PDPA) 2010 Hairul Hafiz B Hasbullah Data Protection: (Part 2) WHAT’S NEXT?
  • 3. WHAT YOU WILL LEARN?
  • 4. • Refresher • MyCEB PDPA Policy and Clauses in Agreement • Where are We? • Action Plan
  • 5. REFRESHER Personal Data is Information about an individual that is recorded in any form Types of Data Data Subject/ User/Processor What is Personal Data? NRIC, Home address, age, blood type, marital status, credit card etc WHAT YOU WILL LEARN:
  • 6. REFRESHER What is the 7 Principles? 1 General 2 Notice & Choice 3 Disclosure 4 Security 5 Retention 6 Integrity 7 Access
  • 7. WHAT IS YOUR RIGHT?
  • 8. MyCEB PDPA POLICY AND CLAUSES
  • 9. MyCEB PDPA POLICY AND CLAUSES
  • 10. WHERE ARE WE ? Collection of Personal Data 1 Do you collect personal data about your customer 2 Do you have a personal data inventory map on ( what data is collected?/ who collects?/ where it is stored?/ who it is disclosed to? 3 When collecting personal data, do you clearly inform the individual the purpose for which it will be collected and obtain consent? 4 Do you ensure that 3rd party has obtained consent from the individuals to disclose the personal data? 5 Is there a formal process for the withdrawal of consent by individuals in respect of the collection?
  • 11. WHERE ARE WE ? Use Of Personal Data 6 Do you limit the use of personal data collected to only purposes that you have obtained consent for? 7 Before data protection requirements of the PDPA come into operation, are you using the personal data only for purposes that it was collected for? Disclosure of Personal Data 8 Do you limit the disclosure of personal data collected to only purposes that you have obtained consent for?
  • 12. WHERE ARE WE ? Access and Rights 9 Have you established a formal procedure to handle requests for access to personal data? 10 Do you have a list of 3rd party organisations to whom personal data was disclosed and for what purpose? 11 Have you established a formal procedure to handle correction requests of personal data? Protection Obligation 12 Have you assessed the personal data protection risks within your organisation and put in place personal data security policies? 13 Is the personal data that you hold adequately classified 14 Is the personal data kept in a secure manner?
  • 13. WHERE ARE WE ? Retention Limitation 15 Is there regular data housekeeping 16 Do you remove personal data no longer needed for business or legal purposes?
  • 14. ACTION PLAN BE & MME Implementation: Stage 2 • Forms & Agreements (Internal & External) • Person In Charge for each Division • Established Retention Policy on Data • Housekeeping (Clean up Data and update) • Provide an access for Data Subject to amend • Exercise PDPA Policy Form across the board
  • 15. CONGRATULATIONS! You have just completed Privacy and Personal data (Part 1) under MyCEB Personal Data Protection 2010 THANK YOU