By 2 July 2014, all private organisations are expected to be in full compliance with the Personal Data Protection Act (\u201cPDPA\u201d).<\/p>\n
George Hwang LLC has developed a compliance programme to help you meet the obligations of this new law.<\/p>\n
The PDPA requires all private entities holding personal data to have the following in place:<\/p>\n
The Personal Data Protection Commission (\u201cPDPC\u201d) constituted in Jan 2013 is tasked with overseeing the implementation of PDPA. The PDPC has wide ranging power. It includes the power to investigate and to direct organisations, amongst others, to stop using, destroy, provide access to or correct personal data within their control. It can also order a fine to the maximum of $1 million.<\/p>\n
Our compliance programme has a 3 Stage procedure. Each stage complements the others, yet, each can be independent. After each stage, the organisation can decide whether to proceed further. They are:<\/p>\n
For SMEs, we have a service for continuous compliance. This is our \u201cDPO Service\u201d.<\/p>\n
STAGE 1 – AUDIT<\/b><\/p>\n
This is a fact finding stage. We will analyse the organisation\u2019s database, their purposes and its data management system. Some organisation may already have a set of policies and practices. We will review them, as part of the audit.<\/p>\n
A report on its shortcomings and recommendations will be made. The organisation\u2019s management can study this report and decide whether to proceed to the next stage.<\/p>\n
STAGE 2 \u2013 IMPLEMENTATION<\/b><\/p>\n
We will assist the organisation to create a system or process, together with drafting the necessary notices, forms and manuals. Depending on the requirements, we may have to work with an IT consultant regarding security of the database.<\/p>\n
For SMEs which needs or keeps very limited amount of personal data for its business, we have a standard procedure and manual for adoption.<\/p>\n
STAGE 3 – TRAINING<\/b><\/p>\n
As it is new, everyone needs to be sensitised to personal data protection issues and the rights of the data subjects. This will enable them to be identified at an early stage and escalation of problems prevented.<\/p>\n
We will assist in training your staff through seminars and hands-on coaching. This will depend on the size and needs of the organisation concerned.<\/p>\n
DPO SERVICE<\/b><\/p>\n
We provide a DPO on an annual basis. All clients who use our DPO service must first go through our 3 Stage Programme. We need to ensure compliance before taking on the duties of a DPO.<\/p>\n
George Hwang
\nDirector
\n10th October 2013<\/p>\n