Subscribe e-Newsletter
    Member Login
    Course Information
    Email
    Pass
    Forget password? Click here
    Event Profile
    Class/
    Online
    Classroom
    Date November 14, 2025
    Time 9:00am to 5:00pm
    Venue Hotel Grand Pacific Singapore
    101 Victoria Street
    Singapore 188018
    Fee
    9% GST will apply
    SGD 520.00
    3 & above: SGD500.00 each
    For Member
    SGD 494
    3 & above: SGD475 each
    NoteTwo tea breaks and buffet lunch will be served. Limited complimentary car parking coupons are available upon request.
    Other Date(s)1) Feb 14, 2025
    2) May 16, 2025
    3) Aug 15, 2025
    Trainer
    Activity
    You may reach us via
    T: 6204 6214
    E: info@ccisg.com
    Alternatively, you may send below details to register
    Contact Person
    Company (optional), Name, Job Title, Mailing Address, Tel, Email

    Participant(s)
    Name, Job Title, Email
    Essential Personal Data Protection Law - How to Handle Personal Data Well so as Not to be Fined, Unemployed or Blacklisted: Consequences of Mishandling Personal Data and How to Do It Right and Comply with the Singapore Personal Data Protection Act 2012.

    The Singapore Personal Data Protection Act 2012 (“PDPA”) has been in force legally since 2012. Thus, ignorance of the law is no defence. This is a practical course that provide participants with a good working knowledge of personal data protection laws so that they can conduct their businesses and areas of work effectively and comply with the PDPA laws.
    Objective
    Learn all the fundamentals of personal data protection laws in Singapore that affects your
    business, and how to comply with the PDPA so that your organisation is not fined or
    blacklisted, and your employees do not become unemployed due to data leaks or breaches.
    Acquire a working knowledge of all the twelve (12) main obligations that your business or
    organisation is legally obligated to comply with under the PDPA.
    In addition, learn all the principles and safeguards in the Advisory Guidelines issued by the
    Personal Data Protection Commission (“PDPC”), Singapore’s Privacy Regulator, that affect
    the Advertising sector, the Marketing and Sales sector, the Insurance and Real Estate Sales
    sectors, the Banking and Finance sector, the Medical sector, and sectors that sell products
    and/or services targeted at Children and Youth.
    This course will also cover the role of Privacy Impact Assessments and how it can help your
    business identify risks and how to mitigate and manage these risks for compliance to the
    PDPA. To enhance learning, there will be real case studies and lessons to learn from them
    and quizzes to try. The course will also share best practices in handling personal data of
    your family, customers and employees.
    Outline
    1. Understand what is Personal Data, and what it is not
      - with examples and case studies
      - exceptions to definition of Personal Data in Singapore
      - what are the differences in other Asia Pacific countries
    2. Learn How to Identify what is Personal Data in Singapore
      - with case studies and quizzes
    3. Top Twelve Obligations in the PDPA that every Organisation and Employees must know and comply with
      - explanation of all twelve obligations
      - explanation that one of these obligations is not legally in force yet
    4. Special exceptions to compliance with the PDPA
      - Organisations and situations that do not have to comply with the PDPA
      - Rationale for this
    5. Principles and safeguards in the Advisory Guidelines issued by the Personal
      Data Protection Commission (“PDPC”), Singapore’s Privacy Regulator that affect the:
      – Advertising sector,
      - Marketing and Sales sector,
      - Insurance sector,
      - Real Estate Sales sectors,
      - Banking and Finance sector,
      - Medical, health and wellness sectors, and
      - sectors that target Children and Youth with their products and/or services.
    6. What are considered data breaches, data leaks and ransomware attacks?
      - Explanation of what these are
      - Case studies
    7. How to handle data leaks, data breaches and ransomware attacks?
      - What are the requirements and timelines to handling these under the PDPA?
      - What are the legal obligations to report these data leaks or breaches, or ransomware attacks to the Personal Data Protection Commission (“PDPC”), Singapore’s Privacy Regulator?
    8. What is a Privacy Impact Assessment (“PIA”)?
      - How can PIAs help identify privacy risks, operational risks, administrative risks, business risks, contractual risks and legal risks?
      - What are these risks?
      - What are the solutions to mitigate and manage all these identified risks from conducting a PIA?
      - What is a PIA Report?
    9. What is a Personal Data Protection Management Program (“DPMP”)?
      - How can it help Businesses, Executive and Employees maintain compliance with the PDPA?
    10. Preventing data leaks and data breaches in the Workplace
      - Case studies
      - Quiz
    11. Sharing Best Practices for compliance with the PDPA
      - Q&A
    Who should attend
    Founders of Companies, Directors, Managers, Executives, Sales and Marketing personnel,
    Insurance and Real Estate Agents, Executives and Staff working in banks and financial
    institutions, Medical Professionals, Executives and Staff working in medical clinics, hospitals,
    health and wellness organisations, and any commercial personnel who is running or managing a
    business and will like to acquire a practical understanding of Personal Data Protection Laws to
    manage business, privacy, commercial and operational risks.
    Methodology
    Case-studies and case presentations will be discussed. There will be quizzes to enhance
    learning. You do not need to have prior legal knowledge to attend this seminar.
    Testimonial
    I worked with Aileen in my role as Aon’s Privacy Lead Counsel (North America) for the organization’s Global Privacy Office and Law & Compliance Department. GPO consists of approximately 30 professionals, and L&C is comprised of over 400 attorneys in North America, EMEA, and Asia. Aileen consistently stood out for: the depth and detail of her APAC privacy knowledge, including the newest developments; her engagement with the subject matter; the quality of her clear and concise communications; her risk- managed judgment; and the pace of her work, which always respected the clients’ time-scale. Aileen is an outstanding attorney, subject matter expert, and colleague. I recommend her most highly.
    Mr Jeff Hamburg, Aon Assistant General Counsel & Privacy Counsel Lead, North America.

    Aileen was an Accenture Legal and Commercial professional providing legal support for me on one of my medium scale projects in Singapore. She gave excellent advice about the contract, the local marketplace, and the legal aspects of the project. I found Aileen to be practical, pragmatic, professional, and pleasant to work with. I would welcome the opportunity to work with Aileen again.
    Mr David Abberton - Former Executive Partner at Accenture, in Accenture Government Clients Group

    Aileen was detailed, thorough and displayed professionalism in her work. She gave sound advise that was in the best interest of the organisation. Despite the short time given to work on agreements, she rose to the occasion and delivered timely. Her commitment was commendable and above all she did them cheerfully. She would be an asset to any organisation.
    Ms Bhawani Balakrishnan - Marketing & Communications Professional, Communications and Events Management at NUS.
    Aileen Koh's Profile
    Expert in Privacy, Data Protection, Data Culture, Intellectual Property, Corporate Commercial Contracts, Real Estate, Wills & Trusts and Risk Management

    Aileen Koh is a seasoned lawyer and Certified Information Privacy Professional/Asia (CIPP/A) recognized by the International Association of Privacy Professionals (IAPP). Dual-qualified as an Advocate and Solicitor in Singapore and as a Barrister-at-Law in England & Wales, Aileen has a distinguished career spanning privacy, cybersecurity, and legal risk management.

    She previously served on the Singapore Attorney General’s Legal Sub-Committee for the National Internet Advisory on Personal Data Protection and chaired the Ethics Committee for the Singapore Real Estate Association. As a former law lecturer and a registered instructor with the Ministry of Education, she has demonstrated her expertise in teaching and mentoring.

    Aileen’s extensive experience includes handling Asia-Pacific (APAC) and European Union (EU) personal data protection laws, privacy risk impact assessments (PIAs), compliance, and intellectual property. She has served as a Regional Data Protection Officer (DPO) for multiple organizations, providing strategic advisory services on APAC privacy laws and EU GDPR compliance.

    With a proven track record of reviewing over 100 global PIAs across 30+ countries, Aileen delivers comprehensive risk mitigation solutions through detailed completion reports. She has managed investigations into personal data breaches across 17 APAC countries, preventing incidents and ensuring compliance by implementing data protection management programs (DPMPs), standard operating procedures (SOPs), and best practices.

    Her work extends to drafting and reviewing corporate commercial contracts, employment policies, real estate agreements, wills, trusts, and intellectual property documentation. She also specializes in conducting due diligence, privacy assessments, and business risk evaluations for multinational corporations (MNCs), SMEs, and government entities.

    Aileen is a sought-after trainer and speaker, providing workshops, consultancy, and strategies to help organizations adopt a robust data culture. She designs and implements privacy-by-design frameworks that align with APAC and EU privacy regulations, reducing the risks of data breaches, non-compliance, fines, and reputational harm.

    Aileen’s expertise lies in equipping organizations with the tools and knowledge to manage privacy and cybersecurity risks effectively, ensuring long-term resilience and operational excellence.
    Privacy Policy  |  Terms of Use
    Copyright © 2024 CCISG Pte Ltd  |  ACRA Reg No: 201207591D  |  GST Reg No: 201207591D