Data Protection Management
Develop and implement a Data Protection Management Programme to comply with the Personal Data Protection Act 2012
Type
Functional
Competency Area
Governance and Compliance
Levels
Collect, use or disclose personal data apprporaitely
Obtain consent to collect, use or disclose individuals’ personal data
Allow individuals to withdraw consent
Collect, use or disclose personal data only forin accordance with the organisation’s Data Protection Management Programme (DPMP)
Develop organisation's Data protection programme
Document the flows of personal data within the organisation
Create content registry to record consent provided by individuals to the organisation
Develop the organisation’s Data Protection Management Programme (DPMP) in accordance with legal requirements
Formulate the organisation’s data protection strategy
Review the organisation’s DPMP to determine gaps and areas for improvement
Formulate the organisation’s regional DPMP
Conduct a DPIA to identify, assess and manage