As June 2022 approaches, many companies in Thailand are focusing on and racing towards the implementation of compliance mechanisms in advance of the adoption of the Personal Data Protection Act (“PDPA”), Thailand’s new and all-encompassing data protection legislation. This new law will significantly impact businesses that handle personal data. It sets out heavy fines and penalties which will be imposed upon organizations that mishandle clients’ personal data.
In today’s infographic, we outline briefly the role of a Data Protection Officer (“DPO”) and why certain businesses may require to hire one.
Watch our brief, concise and easy-to-follow 3 minutes video to understand more about the appointment of the DPO and why such position becomes increasingly important with the upcoming enforcement of Thailand’s PDPA: https://youtu.be/5HJyXdUcHWk
Ng Woan Na (Regional Senior Legal Adviser, China Desk) highlights the appointment of DPO under Thailand’s PDPA if the business operations require a “regular and systemic monitoring of personal data” as a result of “processing large volume of personal data and sensitive personal data”. Examples of such businesses include e-commerce and online banking businesses. She provides an insightful overview on the appointment and roles of DPO within an organization, and whether such appointment should be made internally within the organization, or be outsourced to third-party data privacy service provider.
The information provided here is for information purposes only and is not intended to constitute legal advice. Legal advice should be obtained from qualified legal counsel for all specific situations.