Bangkok, Friday 29 May 2020 - SEC has conducted a survey on preparedness of its regulated entities and has found that companies have registered a 70% preparedness level in abiding by the Personal Data Protection Act, while suggesting four main issues to speed up for such preparedness.
SEC has prepared a questionnaire surveying
preparedness toward the Personal Data Protection Act, B.E. 2562 in April 2020
for self-assessment of 276 organizations under its supervision. Based on the
results, 192 firms responded, scoring 70% total preparedness in personal data
protection.
Business operators, who need to accelerate
their preparedness for the Personal Data Protection Act, have been advised by SEC to
accelerate the following, four main issues.
(1) Considering
appropriate legal basis that will be used to process personal data in the
organization and producing a corporate’s private policy
(2) Preparing
consent forms
(3) Selecting
and implementing appropriate security safeguards such as access control
(4) Producing
and managing “Record of Processing Activities (ROP)” that will used to record
any corporate’s personal data processing activities both in a hard copy or an
electronics system
SEC
Secretary-General Ruenvadee Suwanmongkol, said “SEC, as a capital market regulator,
expects business operators and organizations related to the capital markets to
be aware of the importance of compliance with the Personal Data Protection Act.
SEC’s suggestions in four main issues will help the business operators to
understand and acknowledge all information, both personal and non-personal,
they hold, and utilize it for their maximum benefits in line with such act.
These suggestions will also make them realize any risks that may arise to
personal data and properly proceed with risk prevention in time.”
_____________________________