Classroom/ Online: Yes/ Yes
Scheduling Date(s):
Note: Please click specific date for detailed venue and course fee etc.
How to Handle Personal Data Well so as Not to be Fined, Unemployed or Blacklisted: Consequences of Mishandling Personal Data and How to Do It Right
Essential Personal Data Protection Law - How to Handle Personal Data Well so as Not to be Fined, Unemployed or Blacklisted: Consequences of Mishandling Personal Data and How to Do It Right and Comply with the Singapore Personal Data Protection Act 2012.
The Singapore Personal Data Protection Act 2012 (“PDPA”) has been in force legally since 2012. Thus, ignorance of the law is no defence. This is a practical course that provide participants with a good working knowledge of personal data protection laws so that they can conduct their businesses and areas of work effectively and comply with the PDPA laws.
The Singapore Personal Data Protection Act 2012 (“PDPA”) has been in force legally since 2012. Thus, ignorance of the law is no defence. This is a practical course that provide participants with a good working knowledge of personal data protection laws so that they can conduct their businesses and areas of work effectively and comply with the PDPA laws.
Objective
Learn all the fundamentals of personal data protection laws in Singapore that affects your
business, and how to comply with the PDPA so that your organisation is not fined or
blacklisted, and your employees do not become unemployed due to data leaks or breaches.
Acquire a working knowledge of all the twelve (12) main obligations that your business or
organisation is legally obligated to comply with under the PDPA.
In addition, learn all the principles and safeguards in the Advisory Guidelines issued by the
Personal Data Protection Commission (“PDPC”), Singapore’s Privacy Regulator, that affect
the Advertising sector, the Marketing and Sales sector, the Insurance and Real Estate Sales
sectors, the Banking and Finance sector, the Medical sector, and sectors that sell products
and/or services targeted at Children and Youth.
This course will also cover the role of Privacy Impact Assessments and how it can help your
business identify risks and how to mitigate and manage these risks for compliance to the
PDPA. To enhance learning, there will be real case studies and lessons to learn from them
and quizzes to try. The course will also share best practices in handling personal data of
your family, customers and employees.
business, and how to comply with the PDPA so that your organisation is not fined or
blacklisted, and your employees do not become unemployed due to data leaks or breaches.
Acquire a working knowledge of all the twelve (12) main obligations that your business or
organisation is legally obligated to comply with under the PDPA.
In addition, learn all the principles and safeguards in the Advisory Guidelines issued by the
Personal Data Protection Commission (“PDPC”), Singapore’s Privacy Regulator, that affect
the Advertising sector, the Marketing and Sales sector, the Insurance and Real Estate Sales
sectors, the Banking and Finance sector, the Medical sector, and sectors that sell products
and/or services targeted at Children and Youth.
This course will also cover the role of Privacy Impact Assessments and how it can help your
business identify risks and how to mitigate and manage these risks for compliance to the
PDPA. To enhance learning, there will be real case studies and lessons to learn from them
and quizzes to try. The course will also share best practices in handling personal data of
your family, customers and employees.
Outline
- Understand what is Personal Data, and what it is not
- with examples and case studies
- exceptions to definition of Personal Data in Singapore
- what are the differences in other Asia Pacific countries - Learn How to Identify what is Personal Data in Singapore
- with case studies and quizzes - Top Twelve Obligations in the PDPA that every Organisation and Employees must know and comply with
- explanation of all twelve obligations
- explanation that one of these obligations is not legally in force yet - Special exceptions to compliance with the PDPA
- Organisations and situations that do not have to comply with the PDPA
- Rationale for this - Principles and safeguards in the Advisory Guidelines issued by the Personal
Data Protection Commission (“PDPC”), Singapore’s Privacy Regulator that affect the:
– Advertising sector,
- Marketing and Sales sector,
- Insurance sector,
- Real Estate Sales sectors,
- Banking and Finance sector,
- Medical, health and wellness sectors, and
- sectors that target Children and Youth with their products and/or services. - What are considered data breaches, data leaks and ransomware attacks?
- Explanation of what these are
- Case studies - How to handle data leaks, data breaches and ransomware attacks?
- What are the requirements and timelines to handling these under the PDPA?
- What are the legal obligations to report these data leaks or breaches, or ransomware attacks to the Personal Data Protection Commission (“PDPC”), Singapore’s Privacy Regulator? - What is a Privacy Impact Assessment (“PIA”)?
- How can PIAs help identify privacy risks, operational risks, administrative risks, business risks, contractual risks and legal risks?
- What are these risks?
- What are the solutions to mitigate and manage all these identified risks from conducting a PIA?
- What is a PIA Report? - What is a Personal Data Protection Management Program (“DPMP”)?
- How can it help Businesses, Executive and Employees maintain compliance with the PDPA? - Preventing data leaks and data breaches in the Workplace
- Case studies
- Quiz - Sharing Best Practices for compliance with the PDPA
- Q&A
Who should attend
Founders of Companies, Directors, Managers, Executives, Sales and Marketing personnel,
Insurance and Real Estate Agents, Executives and Staff working in banks and financial
institutions, Medical Professionals, Executives and Staff working in medical clinics, hospitals,
health and wellness organisations, and any commercial personnel who is running or managing a
business and will like to acquire a practical understanding of Personal Data Protection Laws to
manage business, privacy, commercial and operational risks.
Insurance and Real Estate Agents, Executives and Staff working in banks and financial
institutions, Medical Professionals, Executives and Staff working in medical clinics, hospitals,
health and wellness organisations, and any commercial personnel who is running or managing a
business and will like to acquire a practical understanding of Personal Data Protection Laws to
manage business, privacy, commercial and operational risks.
Methodology
Case-studies and case presentations will be discussed. There will be quizzes to enhance
learning. You do not need to have prior legal knowledge to attend this seminar.
learning. You do not need to have prior legal knowledge to attend this seminar.
Testimonials
I worked with Aileen in my role as Aon’s Privacy Lead Counsel (North America) for the organization’s Global Privacy Office and Law & Compliance Department. GPO consists of approximately 30 professionals, and L&C is comprised of over 400 attorneys in North America, EMEA, and Asia. Aileen consistently stood out for: the depth and detail of her APAC privacy knowledge, including the newest developments; her engagement with the subject matter; the quality of her clear and concise communications; her risk- managed judgment; and the pace of her work, which always respected the clients’ time-scale. Aileen is an outstanding attorney, subject matter expert, and colleague. I recommend her most highly.
Mr Jeff Hamburg, Aon Assistant General Counsel & Privacy Counsel Lead, North America.
Aileen was an Accenture Legal and Commercial professional providing legal support for me on one of my medium scale projects in Singapore. She gave excellent advice about the contract, the local marketplace, and the legal aspects of the project. I found Aileen to be practical, pragmatic, professional, and pleasant to work with. I would welcome the opportunity to work with Aileen again.
Mr David Abberton - Former Executive Partner at Accenture, in Accenture Government Clients Group
Aileen was detailed, thorough and displayed professionalism in her work. She gave sound advise that was in the best interest of the organisation. Despite the short time given to work on agreements, she rose to the occasion and delivered timely. Her commitment was commendable and above all she did them cheerfully. She would be an asset to any organisation.
Ms Bhawani Balakrishnan - Marketing & Communications Professional, Communications and Events Management at NUS.
Mr Jeff Hamburg, Aon Assistant General Counsel & Privacy Counsel Lead, North America.
Aileen was an Accenture Legal and Commercial professional providing legal support for me on one of my medium scale projects in Singapore. She gave excellent advice about the contract, the local marketplace, and the legal aspects of the project. I found Aileen to be practical, pragmatic, professional, and pleasant to work with. I would welcome the opportunity to work with Aileen again.
Mr David Abberton - Former Executive Partner at Accenture, in Accenture Government Clients Group
Aileen was detailed, thorough and displayed professionalism in her work. She gave sound advise that was in the best interest of the organisation. Despite the short time given to work on agreements, she rose to the occasion and delivered timely. Her commitment was commendable and above all she did them cheerfully. She would be an asset to any organisation.
Ms Bhawani Balakrishnan - Marketing & Communications Professional, Communications and Events Management at NUS.
Profile of Aileen Koh
Legal, Privacy, Cybersecurity & AI Risk Management Expert. Experienced in Writing, Speaking, Negotiations, Risk Identification & Risk Mitigation, How to Thrive with Artificial Intelligence: Learn the Best New AI Tools for Life and Work, How to Prevent Falling for Scams and Deepfakes, Discerning Online Content & Protecting Yourself, Personal Data Protection and Privacy in Singapore and Asia Pacific, Cybersecurity, Corporate Commercial Contracts, Intellectual Property like Trademarks, Trade Secrets and Copyright, Real Estate contracts, Wills and Trusts, Using Data Analytics to Build a Data Culture.
Aileen Koh is an accomplished legal professional with over 24 years of experience in law and data privacy, and 15 years in corporate commercial roles. She is an Advocate and Solicitor of the Supreme Court of Singapore and a Barrister-at-Law (Middle Temple, UK), with an LL.B (Hons) from the University of London. Aileen has held leadership roles as Vice President of Legal in a global group of 68 entities, Legal Director of a private social club, and Head of Legal for a VC-backed tech firm.
She is a Certified Information Privacy Professional/Asia (CIPP/A) and has served as Regional Data Protection Officer (DPO), advising MNCs on Asia-Pacific privacy laws and EU GDPR compliance. Aileen has conducted over 100 Privacy Impact Assessments across 30+ countries and led investigations into data breaches across 17 APAC nations. She supports companies in developing Data Protection Management Programs (DPMPs), SOPs, and compliance strategies.
Aileen’s legal expertise spans corporate and commercial contracts, intellectual property, wills and trusts, employment law, and real estate. She has provided training on PDPA, cybersecurity, online content discernment, scam and deepfake awareness, and how to thrive using the latest AI tools in life and work. A seasoned trainer, she has conducted seminars for MNCs, SMEs, government agencies, and schools. She also teaches business writing, public speaking, negotiation, and resilience skills.
Aileen is a dynamic speaker and consultant, empowering professionals with practical legal, digital, and communication skills to manage risk, drive compliance, and stay competitive in a tech-driven world.
