Understanding PDPA 2010 (with 2024 Updates)

Overview of PDPA 2010 and how it applies to organisations, key definitions including personal data, sensitive personal data, biometric data, data controller and data processor, the 7 PDPA principles, updated roles and responsibilities under the amended Act, and examples from HR, marketing and customer service environments.

Managing Data and Individual Rights

Data lifecycle from collection to disposal, consent requirements in practical operational terms, individual rights including access, correction and introduction to data portability, practical steps when receiving a rights request, and common mistakes when responding.

Data Security and Retention

Security obligations under the PDPA Security Principle, responsibilities of both data controllers and data processors, basic organisational and technical safeguards, managing passwords, emails, cloud storage and physical files, retention and disposal practices, and overview of updated penalties.

Data Breach Awareness and Response

Definition of a personal data breach under PDPA, common breach scenarios in Malaysian workplaces, mandatory breach notification requirements and when they apply, immediate internal reporting steps, and do's and don'ts during incident handling.

PDPA in Daily Operations

Applying PDPA in marketing activities, handling employee records in HR, use of CCTV and monitoring systems, managing third party vendors and data processors, and understanding the role of the Data Protection Officer (DPO).