IDENTIFY RISKS ASSOCIATED WITH COLLECTION, USE, DISCLOSURE AND STORAGE OF PERSONAL DATA

Course Overview

Learners will understand basic data classification and risk assessment techniques so as to enable them to identify, assess and address personal data protection risks. At the end of the course, learners are able to identify and resolve risks in relation to data protection and DNC provisions, business processes and data intermediaries. Learners will also learn how to conduct a Data Protection Impact Assessment.

Course Objectives

You will have knowledge of the following:

• Basic data classification, data lifecycle, and risk identification and assessment techniques
• Internal protocols, past solutions and widely-known best practices in risk management or prevention with respect to data protection
• Risk management measures and implementation steps

1.  Data protection risks in relation to:

2.  DP and DNC provisions

3.  Business processes

4.  Data Intermediaries

5.  Electronic processing of Personal Data

• Data Protection Impact Assessment (DPIA) to identify, assess and address personal data protection risks

You will be able to perform the following:

• Identify risks and use SOPs to mitigate risks
• Conduct risk assessment using the DPIA
• Highlight red flags and other key findings in risk assessment report
• Propose processes and actions steps to address risks
• Propose enhancements to risk countermeasures
• Monitor and check compliance to personal data content clauses, contracts and technical/commercial agreements
• Manage contracts with third parties (including data intermediary) for products and services
• Monitor activities and performance of vendors
• Document changes and updates to contracts and agreements
• Monitor the effectiveness of security initiatives
• Identify security risks, threats and vulnerabilities
• Assist users on various techniques that can anonymise personal data

Pre-requisites

1. Learner has attended and is competent for module titled Fundamentals of Personal Data

Protection Act or its equivalent

2. Learners are assumed to be able to:

• Understand relevant organisational strategies, objectives, culture, policies, processes and products/services
• Have information gathering skills to gather and collate necessary data
• Have analytical skills to assess policies and procedures
• Have business writing skills to prepare management report
• Have interpersonal and communication skills to interact with relevant stakeholders
• Have facilitation skills to ask the right questions to elicit necessary information
• Be aware of compliance requirements of organisation

Hardware & Software
This course will be conducted as a Virtual Live Class (VLC) via Zoom platform. Participants must own a zoom account and have a laptop or a desktop with “Zoom Client for Meetings” installed. This can be downloaded from https://zoom.us/download

System Requirement

Must Have: Please ensure that your computer or laptop meets the following requirements. Operating system: Windows 10 or MacOS (64 bit or above) Processor/CPU: 1.8 GHz, 2-core Intel Core i3 or higher Minimum 20 GB hard disk space. Minimum 8 Gb RAM Webcam (The camera must be turned on for the duration of the class) Microphone Internet Connection: Wired or Wireless broadband Latest version of Zoom software to be installed on computer or laptop prior to the class. Good to Have: Wired internet connection Wired internet will provide you with stable and reliable connection. Dual monitors Using a dual monitor setup will undoubtedly improve your training experience, enabling you to simultaneously participate in hands-on exercises and maintain engagement with your instructor. Not Recommended: Using tablets is not recommended due to their smaller screen size, which could cause eye strain and discomfort over the course of the program's duration.

Course Outline

Introduction

• Data classification
• Data lifecycle
• Risk identification and risk assessment techniques

Data protection risks relating to:

• DP and DNC processes
• Business processes
• Data Intermediaries
• Electronic processing of personal data

Risk rating/scoring

Responding to risks

• Risk modification
• Risk retention
• Risk avoidance
• Risk sharing

Data Protection Impact Assessment (DPIA)

• Conduct risk assessment using a DPIA

Managing contracts in compliance with PDPA

• Consent clauses
• Contracts and technical agreements

Managing risks with third parties/vendors/data intermediaries

• Conduct due diligence
• Monitor activities and performance
• Terms of contractual agreements

Additional Details

Price

Course Fee
		Individual Sponsored Trainee		Company Sponsored Trainee
		before GST	with GST	before GST	with GST
Full Course Fee		$1,400.00	$1,526.00	$1,400.00	$1,526.00

Remarks

Union Training Assistance Programme (UTAP)
NTUC members enjoy UTAP* benefit of up to $250 each year when you sign up for courses with NTUC LearningHub

* UTAP supports 50% of the course fees paid cap at $250 per year. You must be a union member throughout the course duration and at the time of claim. You must achieve a minimum of 75% attendance for each application and have sat for all prescribed examinations. Other terms and conditions apply.

Terms & Conditions apply. NTUC LearningHub reserve the right to make changes or improvements to any of the products described in this document without prior notice.

Prices are subject to other LHUB miscellaneous fees.