Disini & Disini Law Office

“Data Privacy Bootcamp for HR Professionals 2”


In 2017, the National Privacy Commission (NPC) required all employers with at least 250 employees to register their data processing systems with the NPC by March 2018, to further compliance with the Data Privacy Act (DPA). This led numerous business entities – from startups to large conglomerates – to finish completing their privacy impact assessment and registering their data processing systems.

Employers continue to be confronted with the unique issues and challenges facing their human resources (HR) departments as they fulfill with the compliance requirements set forth by the DPA and the NPC. To help address the special concerns of HR departments, Disini & Disini Law Office is again presenting a one-day symposium on the DPA for HR Professionals, tapping the expertise of its experienced data privacy lawyers and information security professionals.

Keynote Address NPC
DPA Revisited and Streamlining the Compliance Process The first session aims to provide an overview of the DPA and its implementing rules and regulations. The session will revisit basic privacy concepts, and provide some guidance on privacy impact assessment, gap analysis, roadmapping, and implementation of remediation measures. D&D Data Privacy Core Team
Hiring and Recruitment This session will dive deep into the common privacy issues encountered during hiring and recruitment, and aim to provide some insights on a comprehensive consent form. D&D Data Privacy Core Team
Onboarding Can we do background checks without explicit consent? Can we scrape the applicant’s social media accounts? In this session, we will discuss the common onboarding issues and how to manage them. D&D Data Privacy Core Team
Due Diligence in Data Outsourcing and Data Sharing Disclosure of personal data is inevitable for most companies. This session emphasizes the need for due diligence before data is disclosed to a third party, whether in the context of a data outsourcing agreement or a data sharing agreement. D&D Data Privacy Core Team
Role of the DPO in HR management How can the data protection officer take a more proactive approach and leverage existing HR policies and procedures to promote the company’s privacy management program? This session will explore the role of the data protection officer and how it fits into the overall HR framework. D&D Data Privacy Core Team
Employee Monitoring Can the employer monitor the employee’s use of internet, work email, and company-issued mobile devices? How about the use of CCTV footage? This session will take on these recurring topics involving surveillance and privacy in the workplace. D&D Data Privacy Core Team
Health Information This session will explore privacy issues involving workplace wellness programs, extraction and use of HMO data, as well as mandatory drug-tests in the workplace. D&D Data Privacy Core Team
Disciplinary and Termination Proceedings This session will focus the discussion on disciplinary and administrative proceedings, including confidentiality issues, as well as management of internal and external announcements. It will also touch on the current trend of updating the employee code of conduct to include DPA-related violations. D&D Data Privacy Core Team
Managing Requests for Employee Data HR often deals with requests for employee information from external sources such as government agencies and law enforcement authorities, banks and financial institutions conducting credit investigation, and prospective employers of former employees. This session will discuss how to manage those request and minimize the risk of unauthorized disclosure of personal data. D&D Data Privacy Core Team
Data Breach Management The possibility of personal data breach is not limited to customer data. Large companies with volumes of employee data are equally vulnerable to potential breach. This session will revisit the regulations and best practices on personal data breach notification and management. D&D Data Privacy Core Team
Information Security With the advent of technology, the potential for data breach has been a serious concern especially for companies with a considerable workforce. HR departments now have to be proactive in collaborating with IT and other departments in raising awareness about data loss, preventing it from happening, and mitigating its effects when it happens. Our information security expert will provide us with some key considerations in securing personal data, as well as other data security measures in the context of a workplace. Kamesh Ganeson