PDPA Resources
It is mandatory for all businesses to identify at least one personnel as a Data Protection Officer (DPO), to ensure that the company complies with Personal Data Personal Act (PDPA). The scope of employment is limited to data protection or to a person in the organization who accepts this position as one of his many obligations.
Organizations must also make at least one DPO’s business contact information available to the general public.
The requirements of PDPA
Step 1
Data Protection Management.
Develop & Implement Data Protection (DP) Policy and processes
Step 2
Data Breach Management.
Develop a compliant handling procedure.
Develop an action plan for data breach.
Step 3
Communication.
Develop a staff communication plan.
Step 4
Training.
Develop a staff training plan
Step 5
Risk Assessment Annual Review
Identify and alert management to any risks that might arise with regards to personal data.
DPO responsibilities @ Workplace
- Point of contact with PDPC and customers.
- Create and foster Awareness of PDPA @ the workplace.
- Identify and alert management of any risks and gaps in the policies.
- Ensure the compliance of PDPA.
- Manage queries and complaints.