We've noticed this is not your region.
Redirect me to my region
What do you want to learn today?

Data Protection Officer Certification Workshop

Inquire Now
On-Site / Workshop
Ended last Nov 07, 2019
IDR  8,000,000.00


The rise of Big Data have made data the new global commodity.
The economic and political impact of controlling personal data created the need to regulate organisations and individuals involved in collecting, storing, processing and transferring such data. Jurisdictions across the world have enacted data protection laws with extra-territorial applications. Indonesia is no exception in adapting and responding to this global phenomenon in this 4th Industrial Revolution era. The largest South East Asian economy will have its own personal data protection law (Undang-Undang Perlindungan Data Pribadi) that adopts EU GDPR approach. Under the new Indonesian personal data protection law, organisations will be required to consult with Data Protection Officer (DPO) to ensure compliance, evaluating the impact in the use of personal data, as well as handling personal data breaches. DPO is a new profession, especially in Indonesia. The legal requirement for companies to have in-house DPO or employ the services of external professional DPO has created an increasing demand for DPO in the job market. Companies are investing in building their personal data protection department and law firms are expanding their services to respond to their clients’ need in personal data protection related matters. Schinder is proud to organise the first DPO Certification Workshop in Indonesia. The Workshop will be facilitated by prominent international expert in personal data protection laws and designed to provide detailed understanding on the subject under local laws and international best practice. Upon the completion of the Workshop, participants will have the required skills and expertise to act as professional DPO.

Course Description
The proposed Personal Data Protection Act (PDPA) provides a comprehensive framework for the processing of personal data. This framework balances the legitimate needs of organisations to collect and process data against the rights of individuals. The law sets out new duties and obligations on companies and organizations in the country. Similarly, customers and employees are given certain rights in relation to their personal data. More importantly, companies and organisations can be held criminally liable for their action or inaction under the law. The PDPA is the beginning of the end of business as usual as far as data processing is concerned. A good corporate governance in an organisation will often involve the preparation towards compliance with new rules and regulation. Failure to do so will have serious implication on the top management as any breaches of the PDPA by an organization may give rise to the allegations that the management and officers are in breach of their duties. And the first step to ensuring compliance is to understand the legislation.

Learning Objectives/Outcome
At the end of the course, the participants will: • Acquire a thorough understanding of the basic concepts and components of the International Data Protection legal regime • Acquire a thorough understanding of the data protection laws of Asia Pacific Countries and their similarities /differences with the EU-GDPR (gold standard) • Acquire an in-depth knowledge of the Personal Data Protection Act • Acquire a thorough understanding of the concepts, approaches, methods and techniques for the effective protection of personal data • Interpret the data protection requirements in the specific context of an organisation • Develop the expertise to support an organisation to plan, implement, manage, monitor and maintain ongoing compliance to the Personal Data Protection Act. • Qualify to become a certified Data Protection Officer

Educational Approach
This training, which is international in nature, is based on both the legislation and best practices • Lecture sessions are illustrated with practical questions and examples • Practical exercises include real-life examples, group discussion and role play • Simulations

Who should attend?
• Project managers or consultants seeking to prepare and support an organisation in planning, implementing, and maintaining a compliance program based on the PDPA • Data Protection Officers (DPO) and Senior Managers responsible for the personal data protection matters and risk management • Members of an information security, incident management and business continuity team • Expert advisors involved in security of personal data • Technical experts and compliance experts seeking to prepare for a Data Protection Officer role • Any individual who would like to acquire new knowledge


Module I:
 Introduction to Privacy and Data Protection • Definitions and Concept • Different Types of Privacy • Privacy as Human Rights • The Right to Privacy in Indonesia • Business Case for Data Protection

Module II:
 International, Regional and National Data Protection Regime • OECD Guidelines and the data protection principles • Council of Europe Convention • EU GDPR • Data Protection law in Asia • EU GDPR vs. Asian Law

Module III:
 Applicability of the PDPA, Personal Data, Sensitive Data, Data Controllers and Data Processor, etc • Terms and Definitions • Applicability and non-applicability of the PDPA and Its impacts • Personal Data/Sensitive Data and the Processing • Data Users and Data Processors • Outsourcing agreements/contracts

Module IV:
 Data Protection Rules and Principles • Interpretations of the Principles • Impacts on companies • What to do to comply? • Exceptions • Things to Avoid

Module V:
 Privacy Policy/Statement • A Good Privacy Policy: Some Basics • Top Tips to Develop a Good Privacy Policy • Content of Privacy Policy • Layered Privacy Policy/Statement • Developing a Privacy Policy: Some Guidelines • Case Studies • Developing A Good Privacy Policy: Exercise

Module VI:
 Rights of Data Subject • The rights of data subject • Specific requirements • What companies must do? • Exceptions • Things to Avoid
Module VII:
 Security of Processing/Managing Data Breaches • What companies must do to comply with all the principles? • What amount to data breaches? • Data Breach Notification • Data Breach Response Plan • How to develop security policy?

Module VIII:
 International Data Transfers • The Rules in other jurisdictions • APEC Cross-Border Privacy Rules (CBPR) • How Indonesia will assess “adequacy”? • Assessing “adequacy” in other Jurisdictions: EU GDPR, Singapore, etc • Developing Data Transfer Contract: Exercise • Transfer of data within group of companies: Binding Corporate Rules • Developing Binding Corporate Rules: Exercise

Module IX:
 Supervisions and Enforcement • Duties, Functions and Powers of the Supervisory Authority • Redress for non-compliance • Steps to Implement the Law • Things to Avoid • A quick “How to Comply” checklist

Module X:
 Data Protection Officer (DPO) • Designation of a DPO • Position of the DPO • Tasks of the DPO • What Companies must do to support the DPO? • Other matters concerning the DPO


Professor Abu Bakar Munir
Professor Abu Bakar Munir is an internationally renowned scholar, expert and consultant on Cyber Law and Data Protection Law. He was a Professor of Law at the Faculty of Law, University of Malaya. He is currently a Visiting Professor at the Atmajaya University, Jakarta.

He is also the Legal Adviser and Data Protection Consultant to the Straits Interactive Pte. Ltd., Singapore, Senior Adviser to the Schinder Law Firm, Jakarta, a member of the Academic Advisory Council of the Asia Pacific Institute for Digital Economy, (APIDE) Tokyo, and a member of the Asian Privacy Scholars Network (APSN), Australia.

He is the co-founder and director of the Bali International Arbitration and Mediation Center and the founder and Principal Consultant of the Data Protection Sdn. Bhd.

Professor Abu Bakar is the author of several books; Privatization (1992), Cyberlaw: Policies and Challenges (1999), Privacy and Data Protection (2002), Internet Banking: Law and Practice (2004), and Information and Communication Technology Law: State, Internet and Information (2010), Personal Data Protection in Malaysia: Law and Practice (2010), Data Protection Law in Asia (2014) and Data Protection Law in Asia (second edition 2018).

He also widely publishes numerous articles on several aspects of ICT law and data protection law. He speaks extensively at seminars, workshop and conferences around the world including those organised/hosted by universities such as the NUS, Oxford, Cambridge, MIT, etc. Google, Facebook, Microsoft, Yahoo are amongst the participants of his talks and presentations. He represented Asia in the Europe – Asia Dialogue on the Digital Economy at the Johns Hopkins University in Washington D.C. Professor Abu Bakar Munir has been far and wide consulted by the governments and private entities in Malaysia and around the globe. Amongst the companies are TM, Chartis Insurance, POS Malaysia, PKNS, CIMB, Bank Negara, ELM of Saudi Arabia and many more.

He was appointed the Adviser to the Government of Malaysia and was instrumental in the crafting and passing of the Malaysian Personal Data Protection Act 2010. He was seconded as the IT Law Adviser and Principal Consultant to the Government of Dubai, UAE where he led an international team of consultants in developing and drafting several IT legislations to facilitate the Dubai Internet City, a multi-billion-dollar IT project.

He is currently assisting the Government of Indonesia in developing the personal data protection law for the country. He was a Council Member of the Asia Pacific Privacy Charter Council (APPCC) and the recipient ofthe Malaysia Cyber Security Awards (Minister’s Award) 2010 and the Malaysia Cyber Security, (Information Security Visionary of the Year) Award 2010.

His other areas of specialization include the Air and Space Law, Child law, Evidence Law, Nanotechnology Law and Policy, and Renewable Energy Law and Policy. He has published numerous articles on these subjects. His work, “Renewables: Solar Energy Needs Focus” was published in Nature in January 2016.
Be the first to write a review about this course.
Write a Review

Indonesia is the biggest country in Southeast Asia. Its booming economy harbors a lot of investment opportunities.

Schinder Business Center team consists of multi-national experts who have lived and worked in various countries. It was founded by Schinder Law Firm.

At SBC, we will provide you with the best assistance that you expect and need to transform your ideas into a functioning business in Indonesia.

We understand your needs for an office and integrated services and we know how to simplify your business process in the most economical and efficient way.

Schinder Business Center provides Office Rental Solution. Moving into our fully furnished office is as easy as booking a hotel. You can have it all.
- Co-working Space
- Serviced Office
- Virtual Office 
- Meeting Facilities
- Professional Bilingual Phone answering
- Customized secretarial adn IT services
- Accounting, Visa, Work permit, and Company registration, Breakfast meetings, and 
  Business seminars.

Schinder Business Center also providing Legal Services such as: Structuring Foreign Investment; Company Establishment; Legal Due Diligence; M&A; Legal Compliance; Labor & Employment; Property Foreign Ownership; Litigation & Arbitration.    ...

Schinder Business Center
Jl. Dr. Ide Anak Agung Gde Agung Kav. E.4.2 No. 2 Mega Kuningan, Jakarta Selatan, Jakarta Selatan, DKI Jakarta, Indonesia 12950
(021) 2978 3188 / 2978 3077
Sending Message
Please wait...
× × Speedycourse.com uses cookies to deliver our services. By continuing to use the site, you are agreeing to our use of cookies, Privacy Policy, and our Terms & Conditions.