DEVELOP AND IMPLEMENT A DATA PROTECTION MANAGEMENT PROGRAMME (DPMP)

DEVELOP AND IMPLEMENT A DATA PROTECTION MANAGEMENT PROGRAMME (DPMP)

Funded

Course Duration

16.0 hr(s)

Mode of Assessment

Learners will be required to undergo assessment, consisting of a written test and oral questioning. Both will be conducted in the classroom.

Who Should Attend

1. Targetted at Data Protection Officers
2. Staff who formulate and review data protection policies
3. Staff who develop data protection management programmes

Course Overview

Learners will be able to develop and implement a Data Protection Programme that covers policy, processes and people for the handling of personal data at each stage of its lifecycle collection, storage, use, disclosure, disposal and archival. Using the accountability-based approach, learners will learn how to establish good data management practices throughoutthe personal data lifecycle.

Courses Schedule

Next available schedule

Course Objectives

You will be able to understand the following:

  • Accountability approach to personal data protection management
  • Data Protection Management Programme to establish good data management practices throughout the life cycle of the personal data
  • Sector-specific legislative and regulatory frameworks to complement PDPA
  • Business processes and workflows for collection, use or disclosure of personal data
  • Data protection by design principles

You will be able to perform the following:

  • Develop personal data protection policies and processes in accordance to the Data Protection Management Plan
  • Implement policies and practices and adapt them to ensure smooth execution
  • Keep abreast of the changes in internal and external environment that may impact on data protection
  • Review and recommend changes to the DPMP as a result of changes in both internal and external environments
  • Incorporate Data Protection by Design principles in the organisations business processes, ICT systems, products and services
  • Keep abreast of internal and external environments for the organisation to be apprised of any regulatory changes or business processes

Pre-requisites

  1. You have attended and is competent for module titled Fundamentals of Personal Data Protection Act or its equivalent
  2. You are assumed to be able to:
  • Understand relevant organisational strategies, objectives, culture, policies, processes and products / services
  • Have information gathering skills to gather and collate necessary data
  • Have analytical skills to assess policies and procedures
  • Have business writing skills to prepare management report
  • Have interpersonal and communication skills to interact with relevant stakeholders
  • Have facilitation skills to ask the right questions to elicit necessary information
  • Be aware of compliance requirements of organisation

Course Outline

Accountability-based approach to personal data protection management

  • Accountability principle
  • Accountability within an organisation
  • Accountability within industry
  • Accountability in enforcement

Key requirements under PDPA

  • Main key obligations
  • DNC
  • Data Intemediaries

Data Protection Management Program

  • Develop policy
  •  Policy lifecycle
  •  Internal and external stakeholders
  •  Content of a policy
  •  Internal data protection policies and practices
  • External data protection notices
  • Develop people
  •  Team, roles and responsibilities
  • Communication and training strategies
  • Develop process
  • HR policies and practices
  • Access and Correction requests
  • Risk reporting structure
  •  Available tools
  • Maintenance and Review of DPMP

Sector specific frameworks

  • Telecommunications
  • Real estate
  • Education
  • Healthcare
  • Social Services
  • Private Hire Vehicles
  • Management Corporations for Strata Titles

Business processes and workflows for collection, use or disclosure of personal data

  • Document data lifecycle
  • Business process inventory
  • Personal data inventory

Data Protection by Design Principles

  • Proactive and preventive
  • Data protection as default
  • End to end security
  • Data minimization
  • User-centric
  • Transparency
  • Risk minimization

What Others Also Enrolled In