www.iTrainingExpert.

com

Personal Data Protection Act 2010 & 2015 (PDPA)

Select Date Time Country Venue

Overview

YB Dato' Sri Ahmad Shabery bin Cheek, Minister of Communications and Multimedia, has
made announcement that the Personal Data Protection Act 2010 ("PDPA") comes into
operation on 15 November 2013. With PDPA coming into force, data users will have a
three-month transitional period to comply with its provisions in respect of existing personal data
being processed, but will have to immediately comply with its provisions in respect of new
personal data collected.

The penalties for breaching the PDPA include the imposition of fines of up to RM500,000
and/or a term of imprisonment not exceeding two years. Directors, CEOs, COOS, managers or
other similar officers have joint and several liability for non-compliance by the body corporate,
subject to the due diligence defence.

Will this affect me?

Both the public and private agencies who process their customers' personal data will need to
reevaluate their current data privacy policies, processes and personal data management.
Indiviuals will now have a new set of mandated rights, whereby they need to be informed about
their personal data as well as the rights to access, correct and also to control the procession of
the personal date by other parties.

Does this apply to my company?

This act is applicable to Malaysian companies that process personal data. Non-Malaysian
companies who use equipment in Malaysia to process personal data is also subject to the
PDPA. For non Malaysian companies, a designated Malaysian representative is required in
this case.

This training is specially crafted for those who need to know more about personal data
protection and who has contact with personal data on a regular basis.

Learning Outcomes

This seminar is to educate on the legal and practical know-how that will be necessary to your
compliance with the PDPA.
By the end of the training, delegates will be able to:
understand, implement and ensure compliance to the PDPA

Who Must Attend

[1] Directors, Chief Executive Officers, Chief Financial Officers, General Managers, Human
Resource Managers, Compliance Officers. Marketing & Sales Managers, Business
Entrepreneurs, Legal Advisor
[2] Delegates who handle personal data on a regular basis as part of their job functions from
the following departments:
IT Legal & Compliance
Human Resources
Customer service
Internal Audit
Sales & Marketing
Accounting & Finance

Course Details

Module 1: Data Protection At the Workplace

Discussion on General Principles on Personal Data Protection Act 2010
This module will look at how to:
Appreciate who and what is covered by Personal Data Protection rules
Understand the organisations policy and aims on personal data use
Overview of the Act
Know and apply the core principles for personal data use
Module 2: Criminal Offences and Liabilities under the PDPA 2010
Punishment for contravention of the Act
Offences by body corporate
Contravention of the personal data protection principles
Processing of sensitive personal data in contravention to Section 40
Unlawful collection or disclosure of personal data
Module 3: Notice and Choice Principle
When do you need to seek the consent of data subjects?
How do you seek consent and exemptions to consent
Channels of serving Notice to employees, contractors, supplies, vendors and visitors
Guidelines on Consent
Recognise when, and for what purpose staff / customer data may be used
Questions to ask when collecting Data.
Module 4: Compliance: The What, When and How
What do companies need to do in order to comply?
When do companies need to fully comply?
The Employers Perspective: Change of Approach Required?
The series of changes intended to be brought about by the Act will invariably affect the way

employers approach employment issues where the employees personal information is

involved.
Understanding applications to Employment Relationships
Understanding how the Employment Act 1955 affects Personal Data
How do companies set up an effective compliance framework?
Guidelines on understanding Purpose under Section 6 PDPA 2010.
Module 5: Issues and Implications of the Principles
Disclosure Principle and guidelines on when you can refuse to disclose or partially
disclose;
Retention Principle in relation to Employees and former employees;
Data Integrity Principle
Access Principle
Activities relating to each Principle will be done.
Module 6: Benefit and Risks
Benefits and challenges in being PDPA complaint
Understanding the implementation of PDPA and the stages of Employment that is
Pre/Beginning/During and End of Employment.
Potential privacy related risks to organisations
Case study on personal data issues and impacts
Module 7: The Personal Data Protection Standards 2015
The Data Security Standard distinguishes between conventional and electronic data
management and prescribes various security measures in relation to each.
Data Retention Standard focuses
Data Storage Standards
Data Integrity Standard
Data Security Standard
Module 8: Human Resource Department and PDPA principles
For Human Resources departments, meeting the requirements of data protection law can be
particularly challenging. Holding and handling staff information carries significant legal
responsibilities and risks. This module discusses key areas of compliance issues.
Ensuring that the recruitment and selection process meets legal requirements, including
the content of application forms, pre-employment vetting, criminal records, medical
checks and the interview process
Retaining staff records, and appropriate periods of time for keeping information
Dealing with staff information requests what must be disclosed and can be withheld
Disclosing staff information to outside third parties the legal requirements that must be
met before staff information can be sent outside the organisation
References and the rights of ex-members of staff
Monitoring staff activities and communication including using Managers, CCTV cameras
and website technologies
Outsourcing functions to third party providers
Module 9: Security Guidance
This module looks at what constitutes a Personal data security breach and how such breaches
can occur. It also considers how to avoid breaches, and the practical steps that should be
taken when a breach occurs. Key aspects of this module include:
Analysis of the Security Principle under Section 9 PDPA
Managing Information security
Data Security Standard -Implementation
Understanding risks to Personal Information
Taking a holistic approach to data security staff vetting and access and other important
organisational measures that should be implemented

 Knowing what to do in the event of a data protection breach

The Principles 2010 and Standards 2015 will provide protection to the individuals personal
data, thereby safeguarding the interests of consumers, and e-commerce, network and non
network facility practitioners.

Methodology

Interactive lectures, Activities, and discussion

Personal Data Protection Checklist For Organisations will be emailed to Human Resource
Manager to be shared with the Pro-tem Committee as a guide on the implementation
exercise.

Course Leader

FACULTY MEMBERS:
AMBIGAH K
LL.B (Hons) London, CLP (Malaysia), TESOL (Canada)

Ambigah She has 15 years of training and lecturing experience on legal topics including civil
litigation like employment matters, company, corporate and banking issues. She is a PSMB
licensed corporate trainer and Corporate Legal Adviser who has a vast professional
experience in the training industry. She has excellent communication, writing, people and
class management skills.

Work Experience
Trained and lectured for private companies and government entities. Participants made
up of managers, CEOs, CFOs, corporate and government support staff and executives.
Legal Experience includes civil litigation like employment matters , company ,corporate
and banking issues.
Conducted seminars for Employment law including on mock Industrial hearings of
Domestic Inquiries and the Personal Data Protection Act 2010 which includes follow up
legal advice for Pro-tem comittees on PDP implementation and drafting of Consent
letters as required under the Act.
Trained for the Federation of Manufacturers of Malaysia (FMM).
Involved in advise and drafting of Human Resource policy and procedures. Also in the
drafting of legal letters and advice of legislation pertaining to proper administration of
Human Resource issues.
Some of the in-house and public programs include those from, NIAM (Persatuan Insuran
Kebangsaan Malaysia), Honda, Petronas Fertilizer (Kedah), Suruhanjaya Syarikat
Malaysia, Sime Darby, Malaysia Multimedia Commission, Penang Bridge Sdn Bhd.,
Solectron, Bax Global, TM, Yan Jin (M), Cititel Penang, Evergreen Laurel Hotel,
Government Teachers in various schools, Smart Modular, Kwong Wah Yit Poh Press
Berhad, Vitrox Technologies, Staff of UITM, Bank Negara, Dimerco Sdn.Bhd, G-Pile
Sistem Sdn.Bhd., Masterskill (M) Sdn.Bhd, Subalipack (M) Sdn.Bhd, Mitsubishi Motors
Malaysia Sdn.Bhd, Sumitomo Metals Sdn Bhd, Lembaga Koko, MARA and other
government agencies and many more.

In summary, Ambigah
When not conducting training programs, Ambigah Krishnan tends to her legal
consultation especially in the corporate field.
Legal programs enhanced with Legal Practitioners advice and opinions. Imparting
experience as Legal advisor and Litigation lawyer to be part of teaching of legal
programs.
Able to combine the elements taught in a specific program both soft skills and Legal with
real life requirements for those on the job.
OR
MS F. IVY
MA Corporate and Commercial Law (UK)
Prog of Instructions for Lawyers (Harvard Law School)
Law of Int. Finance (Euromoney)
Ivy is a Legal, Contracts and Compliance Trainer equipped with more than 23 years of
experience in the regulatory, banking, corporate, commercial and information technology
sectors in drafting and negotiating corporate, commercial and financial agreements,
compliance and risk management.
Ivy Fernandez holds a Masters degree in Corporate and Commercial laws from King's College
London, United Kingdom. She also attended the Program of Instructions for Lawyers
conducted by Harvard Law School and the Law of International Finance conducted by
Euromoney Legal Training. She has preciously lectured at the University Technology Malaysia
and MAICSA.
Ivyhas trained hundreds of representatives from governmental ministry and large organizations
that include; University Technology Malaysia , Wawasan Open University, MAICSA, Orga
Systems and Tanjong Group.
She possesses extensive experience in the areas of corporate, commercial and technology
sectors especially in deal structuring, drafting, reviewing and negotiating various corporate
and commercial agreements such as joint ventures, distribution and reseller agreements,
partnerships, non-disclosure agreements, supply and services agreements and turnkey and
EPCC contracts in the Asia Pacific and Middle East Region.
She has worked closely with Risk Management in the review of tender documents to identify
legal, financial, project risks, to propose risk management measures, and to monitor such risk.
She also provided legal advice and contract management on the legal implications of the
company's agreements to management and project managers and advice on the current and
latest laws and regulations affecting the operations of the company.
She has conducted reviewsof turnkey contracts of major telecommunications companies in the
Asia Pacific region and the Middle East and together with Risk Management and the tender
committee, identified and proposed risk mitigation measures to minimize and control legal,
financial and project risks. She was also responsible for negotiating International Agency
contracts for the appointment of agents in Africa and Philippines and ensuring compliance to
anti-corruption laws.

In her most recent role with an information technology German multinational, she negotiated
International Agency and Reseller Agreements while ensuring compliance to competition laws,
anti - corruption and bribery policies and other company contracting policies.
OR
KENNETH FOO. FCIS, LL.B (Hons), CLP
Fellow of the Chartered Institute of Secretaries (FCIS)
Bachelors Degree in Law [LL. B (Hons) London]
Certificate in Legal Practice (CLP)

Mr Foo is a Chartered Company Secretary practising since 1991 under his private firm in the
heart of Kuala Lumpur. As a practising Chartered Secretary, he consults and advices clients
on corporate secretarial, accounts and finance, management consultation and planning,
company administration and company law matters.
Kenneth is certified as a Senior Fellow by the Institute of Chartered Secretaries &
Administrators, United Kingdom in 1982. Subsequently, he was also awarded the Bachelors
Degree in Law by the University of London (External) in 1992 and later successfully completed
the Certificate in Legal Practice (CLP) conducted by the Legal Qualifying Board in 1993.
Aside from consultation, he has also served as a Council and committee member of various
capacities of the Malaysian Institute of Chartered Secretaries & Administrators (MAICSA) from
2006 until to-date. Currently, Kenneth stands as the honorary secretary of the Malaysian
Corporate Counsel Association, a non-governmental organization focusing on in-house and
corporate counsels in Malaysia.
Kenneth is iTrainingExpert.com's associate trainer whose passion is in training and sharing on
corporate law, corporate secretarial practice and corporate governance.
He has also conducted many trainings for MAICSA, Malaysian Association of Company
Secretaries (MACS), MIA Malaysian Institute of Accountants (MIA), Suruhanjaya Syarikat
Malaysia, COMTRAC and various corporations. In his free time, Kenneth serves as an adjunct
lecturer at Kolej Tunku Abdul Rahman in the Law Faculty.
MR SATWINDER SINGH,LLB (London) & Certified Trainer
Mr Singh brings to us his 20 yearsof legal practice and has handled a wide rangeof legal
issues throughout his career. He comes from a family of legal practitioners and is a very
passionate speaker who shares with his audience about legal matters to create better informed
public.
He specialises in:

Dispute Resolution strategist

Project Management Advisory
Contracts Administration and Claims Management
Procurement Strategy, Negotiation and Tender Review
Corporate Governance & Legal Services
Intellectual Property Rights

He most recent trainings that he has conducted include:

Effects of Construction Industry Payment and Adjudication Act
Understanding Liquidated and Ascertained Damages
Understanding law regarding Termination of Contracts & General Principals of Contract
Law
Contract Management & Claims evaluation
Ambit of Corporate Governance

Testimonies

I had limited knowledge one PDPA before attending this course. The training helped me to
understand the process necessary to be put in place in the company. Its driven me to re-read
and further gain additional knowledge on PDPA. Hana Rabi, Media Prima CJ O Shopping
Sdn. Bhd.
This training taught me the practical side of PDPA and made me feel much more
knowledgeable about the law. The trainer is very good and has a vast knowledge of PDPA. If
there are any other programs on say public speaking, Id be interested to attend those.Nurul,
Clinical Research Malaysia.
"It has been an interesting sessions where the workshop has significantly
increased my awareness on Personal Data act and its implications," S. Ryder, CEO,
Eagleburgmann (M) Sdn Bhd
"After asking lots of questions during the workshop, I am more aware of my
rights in giving out my pesonal data" KH, Chong, Eagleburgmann (M) Sdn Bhd

From this PDPA course, I gained a lot of information that I need to know about PDPA which
help in at work. HR, UMP Holdings Sdn Bhd.

During the course, I learned that this course is directly applicable to my daily work. After the
course, I feel that this PDPA should be carefully implemented to protect the company. This
PDPA is a very good training. This Personal Data Protection Act course is a very useful course
for anyone who is working in a corporate environment. Now I more aware on matters related to
Personal Data Protection Act. Managing Director, UMP Holdings Sdn Bhd.

Investment

Normal fee
Sign up 1 pax
Pay before course starts
MYR 1,480.00
USD 350.00
Early Bird
Sign up 1 pax
Pay 14 days before course starts

 MYR 1,280.00
USD 300.00
Group Fee
Sign up 3 pax or more
Pay 14 days before course starts
MYR 1,180.00
USD 280.00

(Fee inclusive of GST, Buffet Lunch, Refreshment, Welcome Pack, Training Materials Certificate of Achievement)

Certificate
Upon successful completion of this program, you will receive a Certificate of Achievement.
Certificates are distributed on the final day of the program.

Payment mode:
1. ONLINE PAYMENT by Credit card: You can opt to register and pay online with our latest
payment integration system through our website.
2. BANK IN CHEQUE
Bank in and then scan the Bank-in slip and email to us before the course commence to confirm
your seat.
Courier your cheque payment to our Finance HQ.
*Note that we DO NOT take any payments during the event.
3. BANK IN CASH:You can also pay by cash through bank-in our company bank account.
4. Telegraphic Transfer- You can also opt to use GIRO or telegraphic transfer of payment via
international banks.