The Digital Government Development Agency (DGA) is gearing up to train data protection officers for state agencies as required by the Personal Data Protection Act (PDPA), with an initial target to produce 100 responsible officers by June.
Government data protection officers (GDPOs) are required to be appointed, in line with the duties stipulated in the PDPA, which has been enforced since June last year.
The DGA, the Office of the Personal Data Protection Commission (PDPC) and the Thailand Professional Qualification Institute (TPQI) recently signed an agreement to collaborate on enhancing the necessary skills required for GDPOs.
DGA president and chief executive Supot Tiarawut said the first training session would be held from February to March and the second organised between late May and June.
Each session is expected to provide training for 50 participants, he said.
The intensive course covers case study lessons and aims to create proficient GDPOs with expertise in compliance with the PDPA requirements for state units, said Mr Supot.
Those who pass the training and receive a certificate can apply for GDPO positions, he said.
At present, 300 state departments nationwide are obliged to appoint GDPOs for their agencies. They previously appointed officials in the fields of law and IT to temporarily work in these positions during a transition period.
The DGA expects around 1,000 personnel from state agencies will need to attend its GDPO training courses.
Siwaruk Siwamogsatham, secretary-general of the PDPC office, said the training sessions would provide in-depth information about the PDPA, related laws and the standards involved, allowing participants to understand their roles and handle personal data in a proper manner.
According to the TPQI, it supports creating a carrier standard for data protection officers as well as GDPOs.
Digital Economy and Society (DES) Minister Chaiwut Thanakamanusorn said the government is developing a platform for PDPA compliance to serve state agencies nationwide.
The platform can facilitate the work procedures required under the PDPA, including the recording of personal data processing activities and consent management.
The PDPA, which was published in the Royal Gazette in 2019 with a one-year grace period, saw full enforcement postponed twice because of the pandemic and the unpreparedness of the private sector.
The PDPA is one of 12 major digital-related laws the government is pushing as part of its digital economy roadmap.
"The PDPA ecosystem forms a core part of the digital-driven economy that the government targets contributing 30% of the country's GDP over the next five years," said Mr Chaiwut.