• Technical Requirements: Participants must have a computer or mobile device with a reliable internet connection to join the remote online training sessions.
• Commitment: Participants are expected to fully commit to the entire training program, actively engaging in all activities and assessments for the best learning experience.

This course provides a comprehensive introduction to Malaysia’s Personal Data Protection Act 2010 (PDPA), updated with the 2024 statutory amendments and the 2025 regulatory guidelines. Participants will gain clarity on the expanded scope of the PDPA, including the mandatory appointment of Data Protection Officers (DPOs), the right to data portability, and exclusions such as deceased individuals’ data.

The program also covers the 2025 Data Breach Notification Guideline, requiring reporting within 72 hours to the Commissioner and 7 days to affected individuals, as well as the Cross-Border Data Transfer Guideline, which sets conditions for lawful international transfers. Through real-world examples and compliance-focused content, the course equips participants with the knowledge and practical skills to ensure organizational accountability, compliance, and data resilience under Malaysia’s PDPA framework.

By the end of this course, participants will be able to:

• Understand the scope, purpose, and enforcement framework of the PDPA.
• Explain the 2024 amendments, including mandatory DPOs, data portability rights, and classification of biometric data.
• Differentiate between the roles and responsibilities of Data Controllers and Data Processors.
• Apply the seven Personal Data Protection Principles to organizational policies and practices.
• Interpret and comply with the 2025 Data Breach Notification Guideline, including reporting timelines and governance requirements.
• Identify lawful grounds for cross-border personal data transfers and conduct Transfer Impact Assessments (TIA).
• Implement safeguards such as Binding Corporate Rules (BCR), Standard Contractual Clauses (SCC), and recognized certifications.
• Recognize record-keeping obligations and additional notification requirements under related laws.
• Strengthen organizational data protection strategies through staff training, breach response, and compliance monitoring.