A practical one-day programme for Malaysian businesses that collect, use, or disclose the personal data of individuals in Singapore - whether through a Singapore branch, cross-border customers, e-commerce buyers, regional service contracts, or shared systems within a group. This training explains what Singapore's Personal Data Protection Act (PDPA 2012) requires, how it differs from Malaysia's own PDPA, and what your organisation must do to stay compliant with Singapore's PDPC.
Note: Singapore's PDPA is administered by Singapore's Personal Data Protection Commission (PDPC). There is no Malaysian government-issued certification for it. This programme is an awareness and compliance training - participants receive a Certificate of Completion from OrbixTech upon full attendance.
HRD Corp SBL-Khas Claimable
Singapore PDPA Overview & Scope
What Singapore's Personal Data Protection Act 2012 is, the role of the PDPC, and how it can apply to Malaysian organisations that collect, use, or disclose the personal data of individuals in Singapore - even where the business is based outside Singapore.
The Data Protection Obligations
The core obligations organisations must meet - consent, purpose limitation, notification, access and correction, accuracy, protection, retention limitation, transfer limitation, data breach notification, accountability, and the openness obligation - explained with everyday business examples.
Consent, Deemed Consent & Legitimate Interests
How consent works under Singapore's PDPA, the concepts of deemed consent and deemed consent by notification, and the legitimate interests and business improvement exceptions introduced in the PDPA amendments - and when you can rely on each.
Do Not Call (DNC) Registry Obligations
Singapore's Do Not Call registry rules for marketing messages, calls, and texts to Singapore numbers - checking the register, honouring opt-outs, mandatory sender information, and the practical steps marketing teams must follow to avoid penalties.
Mandatory Data Breach Notification
Singapore's mandatory data breach notification regime - what counts as a notifiable breach, the assessment and notification timelines to the PDPC and affected individuals, and a practical breach response checklist for organisations subject to both Singapore and Malaysian requirements.
Data Protection Officer & Accountability
Singapore's requirement for every organisation to appoint a Data Protection Officer, the DPO's responsibilities, and how to build accountability through policies, data inventories, and staff training - and how this compares to the mandatory DPO appointment under Malaysia's amended PDPA 2024.
Singapore PDPA vs Malaysia PDPA
Side-by-side comparison of the two PDPAs - consent, breach notification, DNC obligations, DPO requirements, transfer limitation, and financial penalties (up to S$1 million or 10% of annual turnover in Singapore). How to build a dual-compliance approach that satisfies both frameworks without duplicating effort.
Singapore PDPA Gap Assessment Workshop - participants apply the day's learning to their own organisation, identifying where Singapore PDPA obligations are already met through existing Malaysian PDPA compliance and where additional steps are required. Guided group discussion with practical next steps and a readiness action list to take back to the business.
Fee RM 1,750 per participant
Duration 1 Day (9:00 AM – 5:00 PM)
Venue Online or in-house at client's office
Level Intermediate (basic data protection awareness recommended)
HRD Corp Claimable Yes
Certificate Certificate of Completion awarded upon full attendance
Enquire about in-house delivery, group rates, or to confirm HRD Corp SBL-Khas claim details - WhatsApp us or contact us here.