The issue of personal data protection has gained significant global attention and has become a prominent concern for Thailand’s leaders. They recognise the need for several planning and thoughtful adjustments to their organisations’ procedures. It is evident that managing and safeguarding personal data in a compliant and accountable manner requires careful attention and cannot be achieved through any other means.
Thailand introduced its first comprehensive personal data protection legislation, the Personal Data Protection Act (PDPA). Although initially signed in 2019, the enforcement of the PDPA was postponed due to the impact of the pandemic, with the new implementation date set for last June 2022.
The PDPA sets out clear obligations for data controllers and processors, emphasising the need to inform and obtain consent from data owners regarding collecting, using, and disclosing their personal information.
Moreover, Thailand’s Personal Data Protection Act (PDPA) introduces a forward-looking regulation inspired by the General Data Protection Regulation (GDPR) model. GDPR is a comprehensive data protection law that was implemented by the European Union (EU) in 2018. It sets out strict guidelines and regulations for the collection, processing, and storage of personal data of individuals within the EU.
In light of this, Mr Puchaphong Nodthaisong, the secretary-general of the National Digital Economy and Society Commission, the National Digital Economy and Society Commission (NESDB), has appointed Advanced Information Technology Public Company Limited to undertake a government platform development project on his speech over the opening ceremony of the Data Protection Officer (DPO) workshop for government agencies. This project aims to ensure compliance with personal data protection laws and is known as the Government Platform for Personal Data Protection Act Compliance (GPPC).
“The government platform will facilitate adherence to the Personal Data Protection Act 2019, while also conducting activities to improve awareness and understanding of personal data protection among government agencies and promote the utilisation of government platforms,” he explained.
During this occasion, government agencies can acquire comprehensive knowledge and practical insights into personal data protection laws, equipping government officials with the necessary understanding and skills.
By imparting this vital knowledge to the entities, Thailand aims to elevate the level of readiness among agency staff in the government sector, enabling them to effectively navigate the complexities of personal data management and uphold stringent personal data protection measures within their respective departments.
In addition to enhancing data management practices, Thailand has set goals for cost savings by implementing the Government Platform for PDPA Compliance (GPPC). By streamlining and harmonising personal data protection processes across government agencies, Thailand envisions substantial annual savings of over 5 billion baht. This cost optimisation initiative underscores the significance of complying with the PDPA and highlights the potential benefits of a centralised government platform designed specifically for PDPA compliance.
The comprehensive education and training initiatives provided to government agencies play a crucial role in realising Thailand’s vision of improved personal data protection practices and cost efficiencies. By empowering agency staff with the necessary knowledge and skills, Thailand strengthens its commitment to safeguarding personal data. It ensures that government departments are well-equipped to navigate the complexities of the PDPA and implement robust data protection measures in alignment with legal requirements and industry best practices.
Nodthaisong underscored that this effort would contribute to a more secure and privacy-conscious environment for individuals’ personal information across the nation, fortifying Thailand’s personal datas from the threat of cyber security.