Does your compliance training work? Lessons from the Department of Justice

With every big news story of scandal, fraud, bribery, money laundering in global or American companies, comes a big question. How does it happen?

Privacy – New Zealand

Course Description

This course provides training on dealing with personal information under the latest New Zealand Privacy law

Privacy is one of the biggest issues a business faces; it affects them when dealing with customers, suppliers and staff. Businesses need to ensure their staff understand what is required of them when dealing with individuals’ personal information. To ensure there are no flaws in your system, it is imperative that each and every employee understands what they can and cannot do with personal information.

In this course you and your Staff will learn all about the Information Privacy Principles. Learn what personal information is and how and when to handle, collect, retain and disclose it. Find out how to prevent a privacy or data breach from occurring and how to manage the incident if an event occurs.

Even if your business has no physical presence in New Zealand, the local privacy laws may still apply. Find out the process and regulations for managing crossborder data flows.

Scenario: Meredith is a sales representative at BargaiNZ, a national department store chain.

A customer, Roberta, has bought a stereo. Meredith offers to register Roberta’s details for the stereo warranty with the store, in case Roberta loses her receipt. Roberta seems reluctant.

Roberta: “I just think the fewer people who have my information, the better. If I give my details to an entity and they misuse it, or it gets stolen, there’s nothing I can do about it personally. Then my info is just out there and there’s nothing I can do.” 

If Roberta did give BargaiNZ her details and BargaiNZ breached privacy law with them, what could Roberta do?

Who should do this training?

The training is suitable for staff at any level of an organisation that collects, holds or uses personal information and does business in New Zealand.

It is designed to cater for a diverse audience and all levels of staff, addressing the legal content in plain language.

For more information on other GRC Solutions’ privacy training resources:

Australia

Privacy – Covering the Privacy Act and the Australian Privacy Principles

Privacy for Schools – Covering the Privacy Act and the Australian Privacy Principles as they apply to schools

Health Privacy – Health businesses collect and maintain sensitive personal information

Australia – Financial Services

Financial Services Privacy Training – covering the Privacy Act and the Australian Privacy Principles

Credit Reporting – covering the Credit Reporting Act

Health Privacy

Europe

General Data Protection Regulation – covering the GDPR – which has global implications

Singapore

Data Protection Singapore – covering the Personal Data Protection Act 2012 and also the implications of the GDPR

Malaysia

Data Protection Malaysia – covering the Personal Data Protection Act 2010 and also the implications of the GDPR

California

California Consumer Privacy Act

Course Outline

Module 1: Introducing privacy

·        What is personal information?

·        Describe the scope of privacy law in relation to New Zealand

·        Collection, storage access and correction of personal information

·        Obligations in relation to the use and disclosure of personal information

·        What to do when a data breach occurs and what penalties can be imposed for breaches of privacy law

Module 2: Collection

·        Identify when you can collect personal information

·        What sources you can use for personal information

·        Requirements for notifying individuals of collection

·        Exceptions to notification of collection

·        Describe the manner in which you can collect personal information

Module 3: Storage, access and correction

·        Explain the importance of keeping personal information secure in your role

·        Identify ways to protect and control access to personal information

·        How to handle requests for access to personal information

·        When you can refuse to grant individuals access to their personal information

·        Why and when agencies should correct personal information they hold

Module 4: Use and disclosure

·        Describe how to ensure personal information is accurate

·        Determine whether you should retain or dispose of personal information

·        Identify the limits on use and disclosure of personal information

·        In what situations you can use or disclose personal information for direct marketing

·        The prohibition on the assignment or use of unique identifiers

Module 5: Credit reporting

·        Identify the entities involved in credit reporting

·        The principles governing the management and collection of credit information

·        Circumstances in which credit reporters are permitted to use or disclose credit information

·        Your obligations relating to storing credit information, giving individuals access to personal information and making corrections

·        Outline the procedure for dealing with complaints

Financial Crime Webinar: Sanctions, managing your responsibilities

To comply and to protect their reputation, businesses must have a clear understanding of managing sanctions and engaging with clients.

Privacy Compliance Training Course

Course Description

Training on privacy and recognising and dealing with information security risks and threats and the importance of a privacy policy

Product Description

Privacy breaches make headlines all the time. But while everyone thinks they know what privacy is, understanding the importance of a privacy policy and how the laws apply to our work, clients and customers is another matter

Who is this training for?

This training is designed for staff at any level within an organisation that comes in contact with private information or could be at risk of breaching privacy laws, or who need to understand the importance of a privacy policy.

Course Outline

Module 1 : Introducing privacy

    •What is personal information?

    •Types of information collected

    •How to manage personal information

    •Information use and information disclosure

    •How to store, access and correct information

Module 2 : Management and collection

    •The importance of a privacy policy

    •Assessing individuals’ right to deal with entities anonymously or pseudonymously

    •Collecting solicited personal and sensitive information

    •Dealing with unsolicited personal information

    •Notifying individuals

Module 3 : Use and disclosure

    •Primary and secondary purposes of data collection

    •When you cannot perform direct marketing

    •Requirements under other laws, codes or practice and standards

    •Ensuring compliance with privacy law by overseas recipients

    •Adopting, using or disclosing government-related identifiers

Module 4 : Storage,access and correction

    •Quality of personal information requirements

    •Data breaches

    •De-identifying or destroying personal data

    •Dealing with requests for access to personal information

    •Correcting personal information

Resources Available – Modern Slavery Webinar – Indicators of modern slavery in financial transactions

Resources Available – Modern slavery is a risk for financial services businesses in Australia – in this webinar, Kimberly Randle of Fair Supply looked at the financial typology of modern slavery

Privacy

Course Description

This course trains staff on businesses’ obligations under the Australian Privacy Act and the Australian Privacy Principles (APPs)

Product Description

Dealing with personal information

Privacy breaches make headlines all the time. But while everyone thinks they know what privacy is, understanding how the laws apply to our work, clients and customers is another matter.

Salt Compliance Privacy training breaks down the privacy requirements into language that learners can understand, supported by a rich visual design.

The introductory module summarises the key concepts surrounding how we handle personal information at work. Subsequent modules explore the Australian Privacy Principles (APPs) in more detail. The final module focuses on
credit reporting obligations.

Scenarios and case studies appear throughout the modules, helping to place the training into vivid practical context.

The course contains a fresh look and feel that is intended to attract learners’ active engagement throughout the training, without overwhelming or distracting them from the concepts.

Who should do this training?

This training is designed for staff at any level within an organisation that comes in contact with private information or could be at risk of breaching Australian privacy laws.

It is designed to cater for a diverse audience and all levels of staff, and addresses all 13 Principles in plain language.

If your organisation has any specific privacy requirements, the Salt Privacy standard format can be customised to your individual needs. If you are in the health sector, please enquire about our Health Privacy course.

Custom courses

If your organisation has any specific privacy requirements, the Salt Privacy standard format can be customised to your individual needs. If you are in the health sector, read about Salt Health Privacy.

  • Generic course
  • Health Privacy

For more information on other GRC Solutions’ privacy training resources:

Australia

Privacy for Schools – Covering the Privacy Act and the Australian Privacy Principles as they apply to schools

Health Privacy – Health businesses collect and maintain sensitive personal information

Australia – Financial Services

Financial Services Privacy Training – covering the Privacy Act and the Australian Privacy Principles

Credit Reporting – covering the Credit Reporting Act

Health Privacy

New Zealand

Privacy – New Zealand – covering privacy in New Zealand under the 2020 updates to the law

Europe

General Data Protection Regulation – covering the GDPR – which has global implications

Singapore

Data Protection Singapore – covering the Personal Data Protection Act 2012 and also the implications of the GDPR

Malaysia

Data Protection Malaysia – covering the Personal Data Protection Act 2010 and also the implications of the GDPR

California

California Consumer Privacy Act

Course Outline

  • Module 1: Introducing privacy
  • Module 2: Management and collection
  • Module 3: Use or disclosure
  • Module 4: Storage, access and correction
  • Module 5: Credit reporting obligations

Personal Data Protection compliance training course- Singapore

An IBF Accredited Course

Handling personal data and personal data protection in Singapore or of people in Singapore and the importance of a privacy policy

Dealing with personal information

Privacy relates to any personal data  – whether true or not − that can identify us. We share personal data every day: in emails, text messages, photos, videos, credit cards and online banking. Modern technology has made it easy to send and store personal data. Businesses need to ensure their staff understand what is required of them when dealing with individuals’ personal information.

What is protection of Personal Data?

Privacy laws aim to protect our personal data. They are intended to ensure that organisations comply with set rules for handling this data. Any personal data that is accessed, kept or used by organisations must comply with these rules (unless an exemption applies).

What is the role of PDPA?

The Personal Data Protection Act, Singapore(PDPA) is a law that sets out the rules for handling personal data. It establishes open and fair processes for how organisations collect, use and disclose personal data, including data about their customers. Under the PDPA, any personal data stored by an organisation must be kept accurate, up-to-date and secure. The PDPA also gives individuals the right to access any personal data held about them and to ask for it to be corrected if it is wrong.

The PDPA applies to all individuals, companies, associations or bodies of persons, incorporated or unincorporated whether located in or outside Singapore.

Who is this training for?

This course is designed to cater for a diverse audience and different levels of staff in plain English. If your organisation has any specific data privacy requirements, this course can be customised to your individual needs.

For more information on other GRC Solutions’ privacy training resources:

Australia

Privacy – Covering the Privacy Act and the Australian Privacy Principles

Privacy for Schools – Covering the Privacy Act and the Australian Privacy Principles as they apply to schools

Health Privacy – Health businesses collect and maintain sensitive personal information

Australia – Financial Services

Financial Services Privacy Training – covering the Privacy Act and the Australian Privacy Principles

Credit Reporting – covering the Credit Reporting Act

New Zealand

Privacy – New Zealand – covering privacy in New Zealand under the 2020 updates to the law

Europe

General Data Protection Regulation – covering the GDPR – which has global implications

Malaysia

Data Protection Malaysia – covering the Personal Data Protection Act 2010 and also the implications of the GDPR

California

California Consumer Privacy Act

Course Outline

  • Module 1: Personal data protection
  • Module 2: Personal data protection (advanced)
  • Module 3: Do  Not Call – your rights and responsibilities (for sales and marketing staff)
  • Module 4: Preventing and responding to data breaches
  • Module 5: GDPR

 

Free Webinar – Fostering diversity, inclusion and respect at work in the age of Zoom

Catharine Lumby (Professor of Media at the University of Sydney, author, journalist and Principal of Catherine Lumby Associates) in conversation with Adrian Phoon (Head of Content at GRC Solutions and former Co-Chair of Sydney Gay & Lesbian Mardi Gras)

Personal Data Protection Compliance Training Course – Malaysia

Course Description

This course provides training on the requirements for collecting and handling personal information in Malaysia

Failure to properly collect, handle and protect people’s personal information can put businesses at considerable financial and reputational risk. Malaysian and European laws impose strict requirements on businesses operating in Malaysia, and all staff need to be adequately trained to meet these requirements and understand what is required of them when dealing with individuals’ personal information.

This course covers all the areas of privacy law that are likely to be encountered by Malaysian businesses. Three modules deal with the provisions of the Malaysian Personal Data Protection Act (PDPA), which sets out the rules for collecting, storing, using, handling, anonymizing, correcting and deleting personal data. It applies to all individuals, businesses and associations that operate in Malaysia or handle the personal data of Malaysians. It covers data protection and breach notification.

The European Union General Data Protection Regulation (GDPR) contains very strict privacy protection provisions. It applies to Malaysian organisations that deal with EU citizens or with their personal data (for example, if they have a website with any of the EU languages other than English.) As the EU is Malaysia’s third largest trading partner it is crucial that Malaysian businesses understand and comply with its requirements.

The lessons in this course provide scenarios and case studies that illustrate the sorts of privacy issues that staff can expect on a daily basis, and bring the business of privacy protection to life.

The PDPA was seen as a key enabler to strengthen consumer confidence in electronic commerce and business transactions …

– Shanthi Kandiah, SK Chambers The Privacy, Data Protection and Cybersecurity Law Review – Edition 5 October 2018

Who should do this training?

The course is suitable for all staff who handle personal information. Moreover, all staff, including directors and senior managers, should be familiar with the introductory material in course one and the GDPR material in course four.

For more information on other GRC Solutions’ privacy training resources:

Australia

Privacy – Covering the Privacy Act and the Australian Privacy Principles

Privacy for Schools – Covering the Privacy Act and the Australian Privacy Principles as they apply to schools

Health Privacy – Health businesses collect and maintain sensitive personal information

Australia – Financial Services

Financial Services Privacy Training – covering the Privacy Act and the Australian Privacy Principles

Credit Reporting – covering the Credit Reporting Act

Health Privacy

New Zealand

Privacy – New Zealand – covering privacy in New Zealand under the 2020 updates to the law

Europe

General Data Protection Regulation – covering the GDPR – which has global implications

Singapore

Data Protection Singapore – covering the Personal Data Protection Act 2012 and also the implications of the GDPR

California

California Consumer Privacy Act

Course Outline

Module one: Protecting Personal Data

Module two: Protecting Personal Data (Advanced)

Module three: Preventing and responding to data breaches

Module four: GDPR

GRC Solutions Perth Whistleblowing Seminar 2020

GRC Solutions hosted its latest lunchtime seminar in Perth on 19 February – Whistleblowing 2.0 – making whistleblowing work, considering post policy practicalities.