The Office of the Privacy Commissioner for Personal Data (PCPD) of Hong Kong has released two investigation reports, addressing concerns related to the improper retention and use of personal data by employers and unauthorized scraping of user data.

According to the published information, the first investigation report focuses on four cases involving the mishandling of personal data by employers in Hong Kong. The Privacy Commissioner found that these organizations violated Data Protection Principles (DPP) under the Personal Data (Privacy) Ordinance (PDPO), such as the improper use and disclosure of personal data, accuracy of personal data, and security of personal data. Enforcement Notices have been issued to these organizations to rectify the contraventions and prevent future occurrences.

To raise awareness among employers and human resource managers about their obligations in protecting personal data privacy and complying with relevant legal requirements, the Privacy Commissioner has made four recommendations. These include the introduction of a Personal Data Privacy Management Programme, appointment of a Data Protection Officer, implementation of a training strategy on personal data privacy, and active communication with staff to develop procedures, guidelines, and training programs tailored to their specific needs.

To support organizations in meeting these requirements, our company offers ISO 27001:2022 Internal Auditor Training and ISO 27701:2019 PIMS Understanding Training programs. These training programs are designed to enhance data protection compliance and equip participants with the knowledge and skills necessary to effectively implement and audit information security and privacy management systems.

ISO 27001:2022 Internal Auditor Training

The ISO 27001:2022 Internal Auditor Training program provides participants with an understanding of the standard and the skills required to perform internal audits. Key training objectives include:

  • To understand the development of the standard
  • To understand ISO 27001 standard requirements
  • To understand the application of information security management system in practice
  • To understand the consideration of GDPR in ISMS
  • To develop the basic expertise to implement an ISMS according to ISO 27001
  • To develop the knowledge about internal audit based on ISO 27001

ISO 27701:2019 PIMS Understanding Training

ISO 27701 is an extension to the widely recognized ISO 27001 standard for information security management systems (ISMS). It provides guidelines and requirements for establishing a Privacy Information Management System (PIMS) within the framework of an organization's ISMS. By attending the ISO 27701:2019 PIMS Understanding Training program, participants will develop a strong foundation in ISO 27701, empowering them to effectively implement and manage privacy controls within their organizations. Key objectives of the training are:

  • To understand the development of the standard
  • To understand ISO 27701:2019 standard requirements
  • To understand the relation between ISO 27001 ISMS and ISO 27701 PIMS
  • To understand the relation between ISO 27701:2019 and GDPR
  • To develop the basic expertise to implement a PIMS according to ISO 27701:2019
  • To develop the knowledge about internal audit based on ISO 27701:2019

Participating in our ISO 27001:2022 Internal Auditor Training and ISO 27701:2019 PIMS Understanding Training programs offers numerous benefits to organizations. Participants gain a better understanding of ISO 27001:2022 and ISO 27701:2019 standards, equipping them with knowledge of information security and privacy management. This knowledge enables organizations to implement and manage robust systems that effectively protect sensitive data and comply with relevant regulations. Additionally, the training enhances participants' ability to conduct internal audits, identify areas for improvement, and ensure compliance with international standards for information security and privacy.

By reducing the risks of data breaches and non-compliance penalties, organizations can build trust and confidence among customers, ultimately strengthening their reputation as reliable custodians of personal information. Overall, the training programs empower organizations to enhance their data protection practices, meet regulatory requirements, and instill a culture of privacy and security throughout the organization.

Author
Blog Author of DQS HK
