Course Overview
To equip participants with practical knowledge and hands-on skills to confidently perform the duties of a Data Protection Officer (DPO) in compliance with the Malaysian PDPA 2010.



Awarded by: UNIMY & Coursera
Duration: 2 Days
Location: BAC Flagship Campus
Study mode: Hybrid
Intakes: In Progress
Course Fees: RM3,500
Target Industries
- Financial Services & Insurance
- Healthcare & Hospitals
- Education & Training
- Retail & E-Commerce
- Telecommunications
- Government & Public Sector
- Technology & IT Services
- Hospitality & Tourism
What you'll gain
- Trainer-led sessions
- Case studies and real-life scenarios
- Group activities and discussions
- Hands-on templates and tools
- Quizzes and role plays
- Final recap and knowledge check
Who should attend?
- Data Protection Officers (DPOs)
- Compliance Officers
- Legal Advisors
- IT Security Managers
- Risk Managers
- HR Managers
- Operations Managers
- Department Heads handling personal data

Course Outcome
- Module 1: Kick-off, Expectations & Challenges
Participants will:
- Connect and engage through an interactive icebreaker focused on real data-protection scenarios
- Explore and align course goals with organisational compliance needs
- Surface and prioritise their organisation’s key PDPA pain-points through a guided activity
- Module 2: Mastering the Malaysian PDPA (Act 709)
Participants will:
- Differentiate and classify what qualifies as Personal Data in real business contexts
- Apply and interpret the 7 Data Protection Principles using practical examples
- Distinguish and evaluate the roles of Data User vs Data Processor in real workflows
- Assess and manage cross-border transfer obligations and risks
- Contrast and contextualise PDPA vs GDPR to understand global expectations
- Module 3: Becoming an Effective Data Protection Officer
Participants will:
- Analyse and translate DPO roles into practical organisational responsibilities
- Design a personal competency roadmap for DPO success
- Construct and map a Data Inventory (DIM) framework for their organisation based on their internal Data Flows
- Module 4: Identifying & Mitigating Data Protection Risks
Participants will:
- Perform and prioritise privacy risk assessments using structured methodologies
- Evaluate and challenge vendor risks through due-diligence exercises
- Collaboratively build a practical vendor risk checklist (group workshop)
- Design and recommend technical, administrative and physical safeguards
- Conduct and simulate a Data Protection Impact Assessment (DPIA) using a realistic case study
- Develop effective Data Protection Policies & an internal Training Plan
- Module 5: Managing Data Breaches & Data Subject Requests
Participants will:
- Interpret and apply breach notification requirements confidently
- Develop and rehearse a practical data breach response workflow
- Execute and respond to Data Subject Access Requests (DSARs) through guided scenarios
- Module 6: Supercharging the DPO with AI Tools
Participants will:
- Discover and experiment with AI tools that accelerate DPO tasks
- Apply AI safely for documentation, risk analysis and compliance workflows
- Evaluate ethical and governance considerations when using AI in privacy work
- Module 7: From Learning to Action
Participants will:
- Consolidate and reflect on key takeaways
- Develop and present a practical PDPA Action Plan & Compliance Roadmap
- Demonstrate learning through a knowledge-check assessment
- Celebrate completion and commit to next steps
TRAINER
Thilagavathy Rama Loo
About the Trainer
A senior legal practitioner with over 15 years of experience in civil litigation, corporate advisory, and data protection compliance. She is the Head of Privacy at Low & Partners and advises organisations on data governance, GDPR and PDPA compliance, data protection impact assessments, breach management, and regulatory requirements. Her academic research includes a national study on health data protection conducted while pursuing her LL.M. at the University of Malaya. Her paper, “Legal Protection and Management of Health Data in Malaysia: A Critical Analysis,” received Best Paper recognition and was published in the University Malaya Law Review Journal. She holds an LL.M. (Malaya), LL.B. (Hons) (London), CLP, and is an Accredited HRD Corp Trainer.
Enquiry Form
Fill in the enquiry form below and our consultants will assist you soon to start your professional training journey.