Can Innovation

On July 7, 2022, lecturers Mr. Teerasak Chobthong and Ms. Kanittha Rungsaeng organized a training on “Preparation and guidelines for implementing the Personal Data Protection Act 2019 (Personal Data Protection Act – PDPA). “To create readiness for every part of the organization to understand and be aware of the PDPA effective June 1, 2022

Objective

  1. Principles and essence of the Personal Data Protection Act 2019, such as important definitions, interpretations, rights, duties, enforcement, and penalties.
  2. Preparation of policies, guidelines, risk assessments and the process of preparing for organization compliance with the Personal Data Protection Act 2019
  3. Guidelines for the Personal Data Protection Officer (DPO: Data Protection Officer), Personal Data Controller (Data Controller) and Personal Data Processor (Data Processor) according to the Personal Data Protection Act 2019.
  4. Guidelines for security of personal information, especially general personal information and sensitive data (Sensitive Data) as the owner of personal data (Data Subject)
  5. Guidelines for managing and using personal information within the organization (Data Life Cycle)

Course Outline

  • Rationale and background of the Personal Data Protection Act 2019
  • Important elements of the Personal Data Protection Act
    • What is “personal data” and who is the owner of personal data?
    • What does personal data protection mean? How to do it? What are the exceptions?
    • Which departments in the organization are involved with PDPA?
    • Who is the Personal Data Controller (Controller), Personal Data Processor (Processor), and Personal Data Protection Officer (DPO)? What are the roles and responsibilities?
    • Rights of the owner of personal data
    • Principles for requesting consent from the owner of personal data To collect information, use information, and disclose information
    • Legal responsibility Both civil penalties, criminal penalties, and administrative fines.
  • Scope of application for companies in Thailand Overseas companies with customer service in Thailand What adjustments must be made to support compliance with this law?
  • What the organization should prepare for When the law comes into effect
  • Guidelines for Data Protection Impact Assessment according to the scope of DPIA
  • Personal Data Protection Policy (Data Protection Policy)
  • Data processing information document (Privacy Notice)