Has sort of ended.

Over the past few weeks, we’ve done a number of workshops on Personal Data Protection Act, and invariably, the questions are more than answers. Some workshops with C-Levels went to levels of near hostility as if we were actually the perpetrators of said act; other workshops went relatively well, and some workshops had only half hour of airtime before the questions came in like a flood of water.

Here’s the deal: We don’t know any much more on the act except for what is given.

We partnered with a law firm and they dispense their legal opinions, but at the end, the act is still an act. It’s a legal document. It is what it is. It was quite funny sometimes that our workshop attendance actually thought we were lawyers promoting the act…and that’s why the next workshop we do (which won’t be any for some time), we’re going to dress down in jeans and t-shirt that says “The Geek shall Inherit the Earth.” We’re tech guys, and how we came about this Act was during our compliance assessments where regulatory compliance is the highest risk and control to address. And also the fact that aside from the first two principles, Technology plays a vital role to facilitate compliance for the Act, especially in the principle of Security and Retention.

So anyways, it’s been an extremely hectic few weeks. If we were a full time training company, it would be fine. Except we’re not. We have projects running here and there and everywhere, and we have to juggle all these. I was at Sarawak giving a talk on Cybercrime during the IIAM’s Corporate Fraud Conference 2013, and I managed to snap this shot in:

It’s nice to see your name up there once in a while. It was a good turn out, although I only touched briefly on PDPA, it still managed to garner questions after my presentation. Many people are a little worried about the Act and they have all the reason to be. But if we prepare ourselves now, do the gap, have a strategy to address it, and put in place controls to address the obvious low hanging fruits first, and address the gray areas later…we’ll be ready.

For the most recent PDPA presentation I did with the Incubator at MSC, here’s the link to it.