Resources

With the increased requirements around data breach notifications, companies need an effective response plan to limit the impact of a data breach incident. This session will discuss practical insights in conducting a data breach investigation using a walkthrough of a data security incident.

The Philippine Data Privacy Act was enacted in 2012, but its Implementing Rules and Regulations were only issued this year and became enforceable on September 9, 2016. This session will give an overview of the rules including its scope, general principles, rights of the data subject, general requirements and penalties.

The current technological landscape, including the cloud and Internet Of Things, is leading to a new trend for privacy policies. Conventional access control practices are not suitable anymore for their implementation. New approaches are required to enforce all the security requirements with digital privacy policies.

In Hong Kong, there are no specific requirements in relation to data breaches. However, the Commissioner has recently issued a Guidance Note which, together with recent cases, have provided guidance as to suggested good practices. How do you handle data breaches appropriately and to minimize risk of prosecution?

New Zealand's Privacy Act is over 23 years old. While we wait for a new Privacy Act, there are interim amendments, other legislation and initiatives, and a Privacy Commissioner who is taking a stronger line with enforcement and proactively addressing privacy issues through education and encouraging compliance.

After almost 5 years of prevarication, mandatory data breach reporting is about to be implemented in Australia. The Office of the Australian Information Commissioner has also recently released a draft policy guide on Big Data. How do you ensure compliance if you are doing business in Australia?

ISO is developing the international standards for privacy matters at ISO/IEC JTC1/SC27 WG (Working Group) 5 to fit privacy and security in organizations. The first contribution from the WG was ISO/IEC 29100 Privacy framework. In this session, learn how IT security is an enabler for both of data privacy and secrecy.

In Thailand, the government is seeking to expand its authority to require access to encryption keys, account login information, as well as https secure websites. How will the government’s efforts impact ISPs and service operators, and what are the legal and commercial ramifications related to data privacy and security.

ICT vendors face privacy and security challenges from different points of view: they need to implement internally but also need to face customer requirements from a product, service and delivery point of view. We need a holistic approach which incorporate security and privacy into the DNA of the company

This session will discuss developments on the Personal Data Protection Act 2010 in Malaysia since its implementation in late 2013, including the 2015 Personal Data Protection Standards, highlights of the proposed provisions of various sector-specific Codes of Practice, and enforcement action/initiatives to date.