PDPA 2010 (part 2) - What's Next?


  1. Malaysia: Personal Data Protection Act (PDPA) 2010. Hairul Hafiz B Hasbullah. Data Protection (Part 2): WHAT’S NEXT?
  2. RING A BELL?
  3. WHAT YOU WILL LEARN?
  4. • Refresher • MyCEB PDPA Policy and Clauses in Agreement • Where are We? • Action Plan
  5. WHAT YOU WILL LEARN: REFRESHER. What is Personal Data? Personal data is information about an individual that is recorded in any form. Types of Data: NRIC, home address, age, blood type, marital status, credit card, etc. Data Subject / User / Processor.
  6. REFRESHER. What are the 7 Principles? (1) General (2) Notice & Choice (3) Disclosure (4) Security (5) Retention (6) Integrity (7) Access
  7. WHAT IS YOUR RIGHT?
  8. MyCEB PDPA POLICY AND CLAUSES
  9. MyCEB PDPA POLICY AND CLAUSES
  10. WHERE ARE WE? Collection of Personal Data: (1) Do you collect personal data about your customer? (2) Do you have a personal data inventory map (what data is collected? who collects it? where is it stored? who is it disclosed to?) (3) When collecting personal data, do you clearly inform the individual of the purpose for which it will be collected and obtain consent? (4) Do you ensure that the 3rd party has obtained consent from the individuals to disclose the personal data? (5) Is there a formal process for the withdrawal of consent by individuals in respect of the collection?
  11. WHERE ARE WE? Use of Personal Data: (6) Do you limit the use of personal data collected to only purposes that you have obtained consent for? (7) Before the data protection requirements of the PDPA come into operation, are you using the personal data only for purposes that it was collected for? Disclosure of Personal Data: (8) Do you limit the disclosure of personal data collected to only purposes that you have obtained consent for?
  12. WHERE ARE WE? Access and Rights: (9) Have you established a formal procedure to handle requests for access to personal data? (10) Do you have a list of 3rd party organisations to whom personal data was disclosed and for what purpose? (11) Have you established a formal procedure to handle correction requests of personal data? Protection Obligation: (12) Have you assessed the personal data protection risks within your organisation and put in place personal data security policies? (13) Is the personal data that you hold adequately classified? (14) Is the personal data kept in a secure manner?
  13. WHERE ARE WE? Retention Limitation: (15) Is there regular data housekeeping? (16) Do you remove personal data no longer needed for business or legal purposes?
  14. ACTION PLAN. BE & MME Implementation: Stage 2 • Forms & Agreements (Internal & External) • Person In Charge for each Division • Established Retention Policy on Data • Housekeeping (Clean up Data and update) • Provide an access for Data Subject to amend • Exercise PDPA Policy Form across the board
  15. CONGRATULATIONS! You have just completed Privacy and Personal data (Part 1) under MyCEB Personal Data Protection 2010. THANK YOU