Sign In
SEC News

SEC survey finds its regulated entities at 70% readiness level for Personal Data Protection Act



Friday 29 May 2020 | No. 108 / 2020


Bangkok, Friday 29 May 2020 - SEC has conducted a survey on preparedness of its regulated entities and has found that companies have registered a 70% preparedness level in abiding by the Personal Data Protection Act, while suggesting four main issues to speed up for such preparedness.

SEC has prepared a questionnaire surveying preparedness toward the Personal Data Protection Act, B.E. 2562 in April 2020 for self-assessment of 276 organizations under its supervision. Based on the results, 192 firms responded, scoring 70% total preparedness in personal data protection.

Business operators, who need to accelerate their preparedness for the Personal Data Protection Act, have been advised by SEC to accelerate the following, four main issues.

(1) Considering appropriate legal basis that will be used to process personal data in the organization and producing a corporate’s private policy

(2) Preparing consent forms

(3) Selecting and implementing appropriate security safeguards such as access control

(4) Producing and managing “Record of Processing Activities (ROP)” that will used to record any corporate’s personal data processing activities both in a hard copy or an electronics system

SEC Secretary-General Ruenvadee Suwanmongkol, said “SEC, as a capital market regulator, expects business operators and organizations related to the capital markets to be aware of the importance of compliance with the Personal Data Protection Act. SEC’s suggestions in four main issues will help the business operators to understand and acknowledge all information, both personal and non-personal, they hold, and utilize it for their maximum benefits in line with such act. These suggestions will also make them realize any risks that may arise to personal data and properly proceed with risk prevention in time.”

_____________________________