I am a business process analyst by profession who balances productivity, control and compliance by implementing and/or redesigning best in class standards and practices. I initially started with process documentation until organisational changes led me to risk, compliance and privacy tasks. I practiced all of it, in full or partially, in the telco, bank and media industries. It was in the telco and media industries that I had my extensive exposure to standards and practices that are useful in my Privacy Program activities.
It made me conscious of the social impact of recommendation as an output of my work. Cost-effective measures should not compromise the interest of anybody who knowingly or unknowingly gave their personal information in exchange for a product or service. My data protection role in my organisation includes:
1. Privacy Impact Assessment - Reviewing PIAs submitted by process owners before it is endorsed by DPO for approval
2. Privacy Programme Management - Create Privacy Programme each year to guid Privacy team on what needs to be done, sort of like DPMP (Data Protection Management Programme)
3. Policy and Process Documentation - Create policy and process documentation to be consulted with and approved by DPO and other concerned business units.
4. Audit - Point person for privacy audit conducted by internal and/or external resources.
Regulatory enforcement introduced me to the Data Privacy Act and it coincided with an incident on unauthorised use of my personal information taken from a social media site at that time. These two fuelled my desire to learn more about privacy concept and practices.
I enrolled and passed the courses on Certified Information Privacy Manager, Hands-on data protection and cybersecurity course and GDPR in Asia. Straits' methodology is simple, practical and easy to relate and recall. Straits methodology helps you to do a sustainable compliance programme.
I am an IT Business Process & Knowledge Manager and am currently in transition to becoming an IT Control and Assurance Manager.
Choose your training provider carefully. It pays to know their potential value-add to your professional growth and personal advocacy, by doing research on them.
Be practical about it. Research, create or develop sustainable practices that promote privacy culture. My parting words, with regard to privacy and data protection, is: “Privacy is a social responsibility of all!”
Access online / in-person courses and view past training records
Join lively discussions on pertinent data protection topics
Gain access to data protection research and video resources
Receive value-added data protection updates from the region
In this edition, we feature Louis Tan who works in Experian and plays a key rol…
In this edition, we feature Ann Tan Dip in Compliance and Adv Dip in Data Prote…
In this edition, we feature Jay C. Gomez, CISM, CIPM (IAPP), Head of Informatio…