คัดลอกลิงก์แล้ว!
Healthcare

3 Steps Through PDPA Journey Via WhiteFact

Share

Many of you are familiar with PDPA. It is a privacy law prohibiting organisations from using personal data without consent. This act has great impact on business going through digital transformation in ever-changing VUCA world. Personal data is a key to digital transformation. It helps businesses serve customers better. It can also help predict future trends. Digital transformation and PDPA are thus connected.

 

PDPA Is Not That Hard

 

When preparing for PDPA compliance, the usual concerns about PDPA by management and IT personnel include

  • How to adapt the current IT technology to comply with PDPA.
  • PDPA is a law leading to privacy policy, which is then enforced through technology.

 

The most important question is which concern should be addressed first.

In addition, there are several questions from IT department that needs answers.

  • How much is enough for PDPA?
  • When an organisation hires legal consultants to design privacy policy, how will the IT department prepare and implement systems so they are in line with the new policy?
  • In case tools such as access control, data protection, or data breach detection, are already available, how can they be configured to comply with PDPA whilst keeping the efficiency?

 

 

3 Steps Through PDPA Journey Via WhiteFact 

 

Based on the concerns, we’d like to propose creating PDPA Journey, or steps to successfully comply with PDPA. There are 3 steps.

 

1. Awareness

Train personnel on PDPA. Let them know they are a part of the processes going forwards.

 

2. Data Policy 

Identify where personal data is stored. Then, sort, classify, set up access rights and policies. Personal data can be sorted into 3 categories – customers, personnel, and partner (third party). This will affect how data protection mechanisms are enforced in the next step. 

 

3. Data Subject Right 

Prepare channel to communicate with data subject under data protection policy laid out in the previous step. This includes design and management of cookies, user consent, and Data Subject Access Request (DSAR). 

 

 

WhiteFact’s Interesting Features

 

  • Data Catalogue. Systematically store data. Easier to search.
  • Data Inventory. Identify where personal data is stored, making it easy to retrieve.
  • RoPA. Monitor personal data entries stored or used inside your organisations.
  • Data Subject Management. Allocate work to data protection personnel to process user’s DSAR and follow up on the requests.
  • Privacy Notice. Create privacy policy. Collect and centralise statement/consent.
  • Consent Management. Create consent management processes.
  • Cookie Manager Manage how and what types of cookies are stored. Modify cookie consent banners.
  • Data Subject Request Define data management processes. Monitor DSAR and process the requests.

 

Let’s prepare for PDPA to avoid future legal problems with WhiteFact, the unified PDPA solution. Apart from the above benefits, there are our experience for more than 28 years in IT industry. We are trusted by major organisations. 80% of them are listed. We are also a certified partner of global brands like Microsoft, Oracle, and Cisco HP.

 

We are capable to help Thailand industry transform

Inquiry about products and services

Contact Us