Flight Lieutenant Somporn Pandam, Deputy Secretary-General of the Vocational Education Commission, commenced a training session focused on information security guidelines and practices, as well as guidelines for protecting personal data in an online format.
He emphasised the Office of the Vocational Education Commission’s (OVEC) commitment to strictly adhere to the Personal Data Protection Act (PDPA) and stressed the importance of fostering understanding and awareness among personnel regarding this matter. The objective of the training was to enhance comprehension of policies and guidelines for information security and personal data protection, ultimately promoting a safe and efficient work environment that respects individual privacy rights.
The Personal Data Protection Act (PDPA) of Thailand, which will be fully enforceable this year, presents promising opportunities for companies from the United States specialising in data technologies and services. Serving as Thailand’s first consolidated law governing data protection, the PDPA’s enforcement is scheduled to commence in June 2022. Initially signed into law in 2019, the implementation was postponed until 2022 following the Cabinet’s approval of a royal decree.
The PDPA holds significant importance as it is regarded as Thailand’s first legislation specifically designed to regulate data protection in the digital era. In terms of scope and impact, it is often compared to the European General Data Protection Regulation (GDPR). The PDPA covers various crucial aspects, including data processing, data collection, data storage, and data consent protocols. Once enforced, it is expected to revolutionise the landscape of personal data protection in Thailand, reinforcing the rights and privacy of individuals.
Under the PDPA, data controllers and processors are mandated to obtain explicit consent from data owners before using their personal data. This consent requirement aligns with the overarching principle of respecting individuals’ privacy rights, as committed by the Constitution of the Kingdom of Thailand. The Constitution serves as a legal framework that upholds all Thai citizens’ human dignity, rights, freedoms, and equality. It ensures their protection through the customary practices of the Thai government.
Recognising the fundamental right to privacy granted by the Constitution, individuals are entitled to safeguards against any undue exploitation of their personal data, which pertains to their unique identities. Consequently, if personal data is utilised in a manner that violates or infringes upon an individual’s right to personal data as established by the Constitution, that individual may be eligible to seek damages under the Thai Civil and Commercial Code.
To comply with the PDPA and promote a secure working environment, Flight Lieutenant Somporn Pandam emphasised the significance of information security and personal data protection during the training session. By equipping personnel with a comprehensive understanding of the policies and guidelines outlined in the PDPA, the training aimed to foster awareness and promote responsible data handling practices. This approach not only ensures compliance with the law but also safeguards individuals’ privacy rights and enhances overall work efficiency.
The training session offered participants valuable insights into the requirements and principles of information security and personal data protection. It emphasised the necessity of implementing stringent measures to protect sensitive data from unauthorised access, misuse, alteration, or disclosure. By adhering to these guidelines, organisations can establish a robust information security framework that safeguards personal data and mitigates the risks associated with data breaches.
Moreover, the training underscored the importance of creating a culture of privacy awareness and responsibility within the workplace. Personnel were encouraged to adopt best practices for data protection, such as securely storing and transmitting data, implementing strong access controls, and regularly updating security protocols. By fostering a privacy-conscious environment, organisations can cultivate trust among stakeholders and uphold their commitment to protecting personal data.