Data Protection
Officer Programme

Course Overview

To equip participants with practical knowledge and hands-on skills to confidently perform the duties of a Data Protection Officer (DPO) in compliance with the Malaysian PDPA 2010.

Awarded by: UNIMY & Coursera

Duration: 2 Days

Location: BAC Flagship Campus

Study mode: Hybrid

Intakes: In Progress

Course Fees: RM3,500

Target Industries

This course is ideal for all industries that handle personal data, including:
  • Financial Services & Insurance
  • Healthcare & Hospitals
  • Education & Training
  • Retail & E-Commerce
  • Telecommunications
  • Government & Public Sector
  • Technology & IT Services
  • Hospitality & Tourism

What you'll gain

The course is interactive and practical, delivered through:
  • Trainer-led sessions
  • Case studies and real-life scenarios
  • Group activities and discussions
  • Hands-on templates and tools
  • Quizzes and role plays
  • Final recap and knowledge check

Who should attend?

  • Data Protection Officers (DPOs)
  • Compliance Officers
  • Legal Advisors
  • IT Security Managers
  • Risk Managers
  • HR Managers
  • Operations Managers
  • Department Heads handling personal data

Course Outcome

  • Module 1: Kick-off, Expectations & Challenges

    Participants will:

    • Connect and engage through an interactive icebreaker focused on real data-protection scenarios
    • Explore and align course goals with organisational compliance needs
    • Surface and prioritise their organisation’s key PDPA pain-points through a guided activity
  • Module 2: Mastering the Malaysian PDPA (Act 709)

    Participants will:

    • Differentiate and classify what qualifies as Personal Data in real business contexts
    • Apply and interpret the 7 Data Protection Principles using practical examples
    • Distinguish and evaluate the roles of Data User vs Data Processor in real workflows
    • Assess and manage cross-border transfer obligations and risks
    • Contrast and contextualise PDPA vs GDPR to understand global expectations
  • Module 3: Becoming an Effective Data Protection Officer

    Participants will:

    • Analyse and translate DPO roles into practical organisational responsibilities
    • Design a personal competency roadmap for DPO success
    • Construct and map a Data Inventory (DIM) framework for their organisation based on their internal Data Flows
  • Module 4: Identifying & Mitigating Data Protection Risks

    Participants will:

    • Perform and prioritise privacy risk assessments using structured methodologies
    • Evaluate and challenge vendor risks through due-diligence exercises
    • Collaboratively build a practical vendor risk checklist (group workshop)
    • Design and recommend technical, administrative and physical safeguards
    • Conduct and simulate a Data Protection Impact Assessment (DPIA) using a realistic case study
    • Develop effective Data Protection Policies & an internal Training Plan
  • Module 5: Managing Data Breaches & Data Subject Requests

    Participants will:

    • Interpret and apply breach notification requirements confidently
    • Develop and rehearse a practical data breach response workflow
    • Execute and respond to Data Subject Access Requests (DSARs) through guided scenarios
  • Module 6: Supercharging the DPO with AI Tools

    Participants will:

    • Discover and experiment with AI tools that accelerate DPO tasks
    • Apply AI safely for documentation, risk analysis and compliance workflows
    • Evaluate ethical and governance considerations when using AI in privacy work
  • Module 7: From Learning to Action

    Participants will:

    • Consolidate and reflect on key takeaways
    • Develop and present a practical PDPA Action Plan & Compliance Roadmap
    • Demonstrate learning through a knowledge-check assessment
    • Celebrate completion and commit to next steps

TRAINER

Thilagavathy Rama Loo

About the Trainer

A senior legal practitioner with over 15 years of experience in civil litigation, corporate advisory, and data protection compliance. She is the Head of Privacy at Low & Partners and advises organisations on data governance, GDPR and PDPA compliance, data protection impact assessments, breach management, and regulatory requirements. Her academic research includes a national study on health data protection conducted while pursuing her LL.M. at the University of Malaya. Her paper, “Legal Protection and Management of Health Data in Malaysia: A Critical Analysis,” received Best Paper recognition and was published in the University Malaya Law Review Journal. She holds an LL.M. (Malaya), LL.B. (Hons) (London), CLP, and is an Accredited HRD Corp Trainer.

Enquiry Form

Fill in the enquiry form below and our consultants will assist you soon to start your professional training journey.

    Example: MY - 1234567890, INTL - 1234567890123