Personal Data Protection for Singapore Financial Services

Course Description

IBF Accredited – Schemes: FTS; Core SFA/FAA CPD for Corporate Banking, Life Insurance, Retail Banking

Failure to properly collect, handle and protect people’s personal information can put businesses at considerable financial and reputational risk. Singapore and European laws impose strict requirements on businesses operating in Singapore, and all staff need to be adequately trained to meet these requirements.

This course covers all the areas of privacy that are likely to be encountered by financial services businesses in Singapore, and it introduces the specific data protection requirements imposed on those businesses by local regulations.

Four modules deal with the provisions of the Singapore Personal Data Protection Act (PDPA), which sets out the rules for collecting, storing, using, handling, correcting and deleting personal data. The PDPA applies to all individuals, businesses and associations that operate in Singapore or handle the personal data of Singaporeans. It covers data protection and breach notification and it has special provisions relating to telemarketing – the Do Not Call Register.

The European Union General Data Protection Regulation (GDPR) contains very strict privacy protection provisions. It applies to Singaporean organisations that deal with EU citizens or with their personal data (for example, if they have a website with any of the EU languages other than English.)

As the EU is Singapore’s third largest trading partner it is crucial that Singaporean businesses understand and comply with its requirements. The lessons in this course provide scenarios and case studies that illustrate the sorts of privacy issues that staff can expect on a daily basis, and bring the business of data protection to life.

Who is this training for?

This training is suitable for all employees and job levels including Sales, Operations, Relationship Management, Customer Services, Legal, Risk, Compliance, and other relevant functions in Financial Services.

Course outline

Module 1: Protecting personal data
Module 2: Protecting personal data (advanced)
Module 3: Do Not Call – your rights and responsibilities
Module 4: Preventing and responding to data breaches
Module 5: GDPR

About the Financial Training Scheme (FTS)

This course is recognised under the Financial Training Scheme (FTS) and is eligible for FTS claims subject to all eligibility criteria being met. Please note that in no way does this represent an endorsement of the quality of the training provider and course. Participants are advised to assess the suitability of the course and its relevance to his/her business activities or job roles.
The FTS is available to eligible entities based on the prevalent funding eligibility, quantum and caps. FTS provides up to 70% course fee subsidy support for direct training costs subject to a cap of S$500 per candidate per course subject to all eligibility criteria being met.

General Data Protection Regulation (GDPR)

Course Description

Training for staff on GDPR personal data protection and GDPR compliance to avoid GDPR fines

Product Description

The standard of privacy and security of personal information has never been higher. Meeting your General Data Protection Regulation (GDPR) obligations isn’t just a matter of GDPR compliance, it’s a matter of consumer confidence.

The General Data Protection Regulation (GDPR) harmonises privacy law and data processing practice across the EU. But it doesn’t just apply to EU businesses – if you do any business in the EU or collect or use personal information of any individuals located in the EU, you need to comply with the GDPR or you’ll face heavy penalties. Staff at all levels need to understand the importance of privacy policy and the penalties for breaching GDPR.

Who is this training for?

This training is suitable for staff at any level of your organisation, especially those who collect or handle personal information, or as a refresher for Data Protection Officers.

For more information on other GRC Solutions’ privacy training resources:

Australia

Privacy – Covering the Privacy Act and the Australian Privacy Principles

Privacy for Schools – Covering the Privacy Act and the Australian Privacy Principles as they apply to schools

Health Privacy – Health businesses collect and maintain sensitive personal information

Australia – Financial Services

Financial Services Privacy Training – covering the Privacy Act and the Australian Privacy Principles

Credit Reporting – covering the Credit Reporting Act

Health Privacy

New Zealand

Privacy – New Zealand – covering privacy in New Zealand under the 2020 updates to the law

Singapore

Data Protection Singapore – covering the Personal Data Protection Act 2012 and also the implications of the GDPR

Malaysia

Data Protection Malaysia – covering the Personal Data Protection Act 2010 and also the implications of the GDPR

California

California Consumer Privacy Act

Course Outline

What rights do individuals have in relation to their personal data

  • How the GDPR compliance involves you
  • Restrictions on processing personal data
  • What rights do individuals have in relation to their personal data
  • What to do in the event of a data breach
  • Fines and penalties for breaching the GDPR

 

Health Privacy – Australia

Course Description

Ensuring the integrity of sensitive health information

Product Description

Compliance with privacy laws is crucial to maintaining customer trust, particularly in the health sector where organisations are constantly under scrutiny for misuse or mishandling of sensitive information such as medical records. With data breaches on the rise, health service providers and other organisations are, now more than ever, prioritising the proper handling of personal and health information.

This course takes learners through the lifecycle of personal information, from collection, use and disclosure, storage, access and correction, and their privacy law obligations at each stage. We use accessible language and practical scenarios to explain and illustrate technical concepts in an engaging way. The introductory module summarises key concepts for front line staff. Subsequent modules explore the Health Privacy Principles (HPPs) in more detail. We also look at mandatory data breach reporting requirements and what to do when an incident arises.

Customer privacy is one of health sector organisations’ biggest operational risks, and this course features real-life cases highlighting the major industry concerns, what organisations are doing right and what they could be doing better

New Update!

We keep our training up to date so that you don’t have to worry about your compliance with the latest developments.

In December 2022 the Australian Government, in response to the Optus data breach and others, passed the Privacy Legislation Amendment (Enforcement and Other Measures) Act 2022, which introduced major financial penalties for both individuals and organisations in relation to privacy breaches. Some penalties are now 20 times as large as they were before – or more.

The new law also significantly expands the Australian Information Commissioner’s powers.

Our training reflects this new legislation.

Who should do this training?

This training is designed for staff at any level within an organisation that comes in contact with private information or could be at risk of breaching Australian privacy laws.

For more information on other GRC Solutions’ privacy training resources:

Australia

Privacy – Covering the Privacy Act and the Australian Privacy Principles

Privacy for Schools – Covering the Privacy Act and the Australian Privacy Principles as they apply to schools

Australia – Financial Services

Financial Services Privacy Training – covering the Privacy Act and the Australian Privacy Principles

Credit Reporting – covering the Credit Reporting Act

New Zealand

Privacy – New Zealand – covering privacy in New Zealand under the 2020 updates to the law

Europe

General Data Protection Regulation – covering the GDPR – which has global implications

Singapore

Data Protection Singapore – covering the Personal Data Protection Act 2012 and also the implications of the GDPR

Malaysia

Data Protection Malaysia – covering the Personal Data Protection Act 2010 and also the implications of the GDPR

California

California Consumer Privacy Act

Course Outline

  • Module 1: Introducing privacy
  • Module 2: Management and collection
  • Module 3: Use or disclosure
  • Module 4: Storage, access and correction
  • Module 5: Credit reporting obligations

Privacy Training for Financial Services – Australia

Course Description

This training is targeted to the various relevant areas of your organisation

Failure to properly collect, handle and protect people’s personal information can put businesses at considerable financial and reputational risk. The Australian Privacy Principles impose strict requirements on businesses, and all staff need to be adequately trained to meet these requirements.


This suite of seven courses covers all the areas of Australian privacy law that are likely to be encountered in a financial services business. Staff in different areas will focus on different aspects of privacy and this training is designed to allow L&D teams to target learning to the appropriate staff teams. The lessons provide scenarios on each topic. These practical examples illustrate the sorts of customer interaction that staff can expect on a daily basis.

Data breaches involving personal information may be prevented through effective training and enhanced systems, analysis of the first 12 months of mandatory notifications reveals.

Our report shows a clear trend towards the human factor in data breaches — so training and supporting your people and improving processes and technology are critical to keeping customers’ personal information safe.
– Office of the Australian Information Commissioner Report 13 May 2019

Who should do this training?

The course is suitable for all staff who handle personal information. Moreover, all staff, including directors and senior managers, should
be familiar with the introductory material in course one: Overview of Privacy Regulation.

Credit Reporting

GRC Solutions also offers online compliance training in Credit Reporting – see below.

For more information on other GRC Solutions’ privacy training resources …

Australia

Privacy – Covering the Privacy Act and the Australian Privacy Principles

Privacy for Schools – Covering the Privacy Act and the Australian Privacy Principles as they apply to schools

Health Privacy – Health businesses collect and maintain sensitive personal information

Australia – Financial Services

Credit Reporting – covering the Credit Reporting Act

New Zealand

Privacy – New Zealand – covering privacy in New Zealand under the 2020 updates to the law

Europe

General Data Protection Regulation – covering the GDPR – which has global implications

Singapore

Data Protection Singapore – covering the Personal Data Protection Act 2012 and also the implications of the GDPR

Malaysia

Data Protection Malaysia – covering the Personal Data Protection Act 2010 and also the implications of the GDPR

California

California Consumer Privacy Act

Course Outline

Module one: Overview of Privacy Regulation

Module two: Collecting Personal Information

Module three: Dealing with Personal Information (Use andDisclosure)

Module four: Access and Correction

Module five: Mandatory Breach Reporting

Module six: Handling Privacy Complaints

Module seven: Overview of the Australian Privacy Principles (for Supervisors)

Privacy – New Zealand

Course Description

This course provides training on dealing with personal information under the latest New Zealand Privacy law

Privacy is one of the biggest issues a business faces; it affects them when dealing with customers, suppliers and staff. Businesses need to ensure their staff understand what is required of them when dealing with individuals’ personal information. To ensure there are no flaws in your system, it is imperative that each and every employee understands what they can and cannot do with personal information.

In this course you and your Staff will learn all about the Information Privacy Principles. Learn what personal information is and how and when to handle, collect, retain and disclose it. Find out how to prevent a privacy or data breach from occurring and how to manage the incident if an event occurs.

Even if your business has no physical presence in New Zealand, the local privacy laws may still apply. Find out the process and regulations for managing crossborder data flows.

Scenario: Meredith is a sales representative at BargaiNZ, a national department store chain.

A customer, Roberta, has bought a stereo. Meredith offers to register Roberta’s details for the stereo warranty with the store, in case Roberta loses her receipt. Roberta seems reluctant.

Roberta: “I just think the fewer people who have my information, the better. If I give my details to an entity and they misuse it, or it gets stolen, there’s nothing I can do about it personally. Then my info is just out there and there’s nothing I can do.” 

If Roberta did give BargaiNZ her details and BargaiNZ breached privacy law with them, what could Roberta do?

Who should do this training?

The training is suitable for staff at any level of an organisation that collects, holds or uses personal information and does business in New Zealand.

It is designed to cater for a diverse audience and all levels of staff, addressing the legal content in plain language.

For more information on other GRC Solutions’ privacy training resources:

Australia

Privacy – Covering the Privacy Act and the Australian Privacy Principles

Privacy for Schools – Covering the Privacy Act and the Australian Privacy Principles as they apply to schools

Health Privacy – Health businesses collect and maintain sensitive personal information

Australia – Financial Services

Financial Services Privacy Training – covering the Privacy Act and the Australian Privacy Principles

Credit Reporting – covering the Credit Reporting Act

Health Privacy

Europe

General Data Protection Regulation – covering the GDPR – which has global implications

Singapore

Data Protection Singapore – covering the Personal Data Protection Act 2012 and also the implications of the GDPR

Malaysia

Data Protection Malaysia – covering the Personal Data Protection Act 2010 and also the implications of the GDPR

California

California Consumer Privacy Act

Course Outline

Module 1: Introducing privacy

·        What is personal information?

·        Describe the scope of privacy law in relation to New Zealand

·        Collection, storage access and correction of personal information

·        Obligations in relation to the use and disclosure of personal information

·        What to do when a data breach occurs and what penalties can be imposed for breaches of privacy law

Module 2: Collection

·        Identify when you can collect personal information

·        What sources you can use for personal information

·        Requirements for notifying individuals of collection

·        Exceptions to notification of collection

·        Describe the manner in which you can collect personal information

Module 3: Storage, access and correction

·        Explain the importance of keeping personal information secure in your role

·        Identify ways to protect and control access to personal information

·        How to handle requests for access to personal information

·        When you can refuse to grant individuals access to their personal information

·        Why and when agencies should correct personal information they hold

Module 4: Use and disclosure

·        Describe how to ensure personal information is accurate

·        Determine whether you should retain or dispose of personal information

·        Identify the limits on use and disclosure of personal information

·        In what situations you can use or disclose personal information for direct marketing

·        The prohibition on the assignment or use of unique identifiers

Module 5: Credit reporting

·        Identify the entities involved in credit reporting

·        The principles governing the management and collection of credit information

·        Circumstances in which credit reporters are permitted to use or disclose credit information

·        Your obligations relating to storing credit information, giving individuals access to personal information and making corrections

·        Outline the procedure for dealing with complaints

Privacy Compliance Training Course

Course Description

Training on privacy and recognising and dealing with information security risks and threats and the importance of a privacy policy

Product Description

Privacy breaches make headlines all the time. But while everyone thinks they know what privacy is, understanding the importance of a privacy policy and how the laws apply to our work, clients and customers is another matter

Who is this training for?

This training is designed for staff at any level within an organisation that comes in contact with private information or could be at risk of breaching privacy laws, or who need to understand the importance of a privacy policy.

Course Outline

Module 1 : Introducing privacy

    •What is personal information?

    •Types of information collected

    •How to manage personal information

    •Information use and information disclosure

    •How to store, access and correct information

Module 2 : Management and collection

    •The importance of a privacy policy

    •Assessing individuals’ right to deal with entities anonymously or pseudonymously

    •Collecting solicited personal and sensitive information

    •Dealing with unsolicited personal information

    •Notifying individuals

Module 3 : Use and disclosure

    •Primary and secondary purposes of data collection

    •When you cannot perform direct marketing

    •Requirements under other laws, codes or practice and standards

    •Ensuring compliance with privacy law by overseas recipients

    •Adopting, using or disclosing government-related identifiers

Module 4 : Storage,access and correction

    •Quality of personal information requirements

    •Data breaches

    •De-identifying or destroying personal data

    •Dealing with requests for access to personal information

    •Correcting personal information

Privacy

Course Description

This course trains staff on businesses’ obligations under the Australian Privacy Act and the Australian Privacy Principles (APPs)

Product Description

Dealing with personal information

Privacy breaches make headlines all the time. But while everyone thinks they know what privacy is, understanding how the laws apply to our work, clients and customers is another matter.

Salt Compliance Privacy training breaks down the privacy requirements into language that learners can understand, supported by a rich visual design.

The introductory module summarises the key concepts surrounding how we handle personal information at work. Subsequent modules explore the Australian Privacy Principles (APPs) in more detail. The final module focuses on
credit reporting obligations.

Scenarios and case studies appear throughout the modules, helping to place the training into vivid practical context.

The course contains a fresh look and feel that is intended to attract learners’ active engagement throughout the training, without overwhelming or distracting them from the concepts.

Who should do this training?

This training is designed for staff at any level within an organisation that comes in contact with private information or could be at risk of breaching Australian privacy laws.

It is designed to cater for a diverse audience and all levels of staff, and addresses all 13 Principles in plain language.

If your organisation has any specific privacy requirements, the Salt Privacy standard format can be customised to your individual needs. If you are in the health sector, please enquire about our Health Privacy course.

Custom courses

If your organisation has any specific privacy requirements, the Salt Privacy standard format can be customised to your individual needs. If you are in the health sector, read about Salt Health Privacy.

  • Generic course
  • Health Privacy

For more information on other GRC Solutions’ privacy training resources:

Australia

Privacy for Schools – Covering the Privacy Act and the Australian Privacy Principles as they apply to schools

Health Privacy – Health businesses collect and maintain sensitive personal information

Australia – Financial Services

Financial Services Privacy Training – covering the Privacy Act and the Australian Privacy Principles

Credit Reporting – covering the Credit Reporting Act

Health Privacy

New Zealand

Privacy – New Zealand – covering privacy in New Zealand under the 2020 updates to the law

Europe

General Data Protection Regulation – covering the GDPR – which has global implications

Singapore

Data Protection Singapore – covering the Personal Data Protection Act 2012 and also the implications of the GDPR

Malaysia

Data Protection Malaysia – covering the Personal Data Protection Act 2010 and also the implications of the GDPR

California

California Consumer Privacy Act

Course Outline

  • Module 1: Introducing privacy
  • Module 2: Management and collection
  • Module 3: Use or disclosure
  • Module 4: Storage, access and correction
  • Module 5: Credit reporting obligations

Personal Data Protection compliance training course- Singapore

An IBF Accredited Course

Handling personal data and personal data protection in Singapore or of people in Singapore and the importance of a privacy policy

Dealing with personal information

Privacy relates to any personal data  – whether true or not − that can identify us. We share personal data every day: in emails, text messages, photos, videos, credit cards and online banking. Modern technology has made it easy to send and store personal data. Businesses need to ensure their staff understand what is required of them when dealing with individuals’ personal information.

What is protection of Personal Data?

Privacy laws aim to protect our personal data. They are intended to ensure that organisations comply with set rules for handling this data. Any personal data that is accessed, kept or used by organisations must comply with these rules (unless an exemption applies).

What is the role of PDPA?

The Personal Data Protection Act, Singapore(PDPA) is a law that sets out the rules for handling personal data. It establishes open and fair processes for how organisations collect, use and disclose personal data, including data about their customers. Under the PDPA, any personal data stored by an organisation must be kept accurate, up-to-date and secure. The PDPA also gives individuals the right to access any personal data held about them and to ask for it to be corrected if it is wrong.

The PDPA applies to all individuals, companies, associations or bodies of persons, incorporated or unincorporated whether located in or outside Singapore.

Who is this training for?

This course is designed to cater for a diverse audience and different levels of staff in plain English. If your organisation has any specific data privacy requirements, this course can be customised to your individual needs.

For more information on other GRC Solutions’ privacy training resources:

Australia

Privacy – Covering the Privacy Act and the Australian Privacy Principles

Privacy for Schools – Covering the Privacy Act and the Australian Privacy Principles as they apply to schools

Health Privacy – Health businesses collect and maintain sensitive personal information

Australia – Financial Services

Financial Services Privacy Training – covering the Privacy Act and the Australian Privacy Principles

Credit Reporting – covering the Credit Reporting Act

New Zealand

Privacy – New Zealand – covering privacy in New Zealand under the 2020 updates to the law

Europe

General Data Protection Regulation – covering the GDPR – which has global implications

Malaysia

Data Protection Malaysia – covering the Personal Data Protection Act 2010 and also the implications of the GDPR

California

California Consumer Privacy Act

Course Outline

  • Module 1: Personal data protection
  • Module 2: Personal data protection (advanced)
  • Module 3: Do  Not Call – your rights and responsibilities (for sales and marketing staff)
  • Module 4: Preventing and responding to data breaches
  • Module 5: GDPR

 

Personal Data Protection Compliance Training Course – Malaysia

Course Description

This course provides training on the requirements for collecting and handling personal information in Malaysia

Failure to properly collect, handle and protect people’s personal information can put businesses at considerable financial and reputational risk. Malaysian and European laws impose strict requirements on businesses operating in Malaysia, and all staff need to be adequately trained to meet these requirements and understand what is required of them when dealing with individuals’ personal information.

This course covers all the areas of privacy law that are likely to be encountered by Malaysian businesses. Three modules deal with the provisions of the Malaysian Personal Data Protection Act (PDPA), which sets out the rules for collecting, storing, using, handling, anonymizing, correcting and deleting personal data. It applies to all individuals, businesses and associations that operate in Malaysia or handle the personal data of Malaysians. It covers data protection and breach notification.

The European Union General Data Protection Regulation (GDPR) contains very strict privacy protection provisions. It applies to Malaysian organisations that deal with EU citizens or with their personal data (for example, if they have a website with any of the EU languages other than English.) As the EU is Malaysia’s third largest trading partner it is crucial that Malaysian businesses understand and comply with its requirements.

The lessons in this course provide scenarios and case studies that illustrate the sorts of privacy issues that staff can expect on a daily basis, and bring the business of privacy protection to life.

The PDPA was seen as a key enabler to strengthen consumer confidence in electronic commerce and business transactions …

– Shanthi Kandiah, SK Chambers The Privacy, Data Protection and Cybersecurity Law Review – Edition 5 October 2018

Who should do this training?

The course is suitable for all staff who handle personal information. Moreover, all staff, including directors and senior managers, should be familiar with the introductory material in course one and the GDPR material in course four.

For more information on other GRC Solutions’ privacy training resources:

Australia

Privacy – Covering the Privacy Act and the Australian Privacy Principles

Privacy for Schools – Covering the Privacy Act and the Australian Privacy Principles as they apply to schools

Health Privacy – Health businesses collect and maintain sensitive personal information

Australia – Financial Services

Financial Services Privacy Training – covering the Privacy Act and the Australian Privacy Principles

Credit Reporting – covering the Credit Reporting Act

Health Privacy

New Zealand

Privacy – New Zealand – covering privacy in New Zealand under the 2020 updates to the law

Europe

General Data Protection Regulation – covering the GDPR – which has global implications

Singapore

Data Protection Singapore – covering the Personal Data Protection Act 2012 and also the implications of the GDPR

California

California Consumer Privacy Act

Course Outline

Module one: Protecting Personal Data

Module two: Protecting Personal Data (Advanced)

Module three: Preventing and responding to data breaches

Module four: GDPR

Cyber Security – Australia

Course Description

Preventing Data Breaches

Everyone in the workplace has a role to play in information security. The first step in reducing the risk of data breaches is to learn what they are and be aware of how they typically occur, so that appropriate measures can be taken to prevent them from taking place in the future.

This course surveys the most common information security risks and breaches, including direct observation, malware viruses, phishing, identity theft, spam and credit card skimming. It explores how mobile devices such as laptops and phones are vulnerable to theft. It also considers the security risks associated with working remotely, as well as the personal and professional issues associated with online activities such as using social media or storing information in the cloud. Each topic is explored in plain English, followed by a clear explanation of simple strategies for protecting data.

Who is this training for?

This course is suitable for everyone responsible for handling information in the workplace, whether they are at work, at home or offsite.

Course Outline

  • Module 1: Introduction
  • Module 2: Protecting Work Information
  • Module 3: At work, at home and offsite