Sri Lanka's
Data Privacy & Protection Summit 2026

23rd July 2026Cinnamon Grand, Colombo

PDPA Act No. 9 of 2022 Compliance Readiness Enterprise Data Security

Coming Soon

Data Privacy & Protection Summit 2026

We're crafting an even bigger and more impactful summit for 2026. Stay tuned — full event details, agenda, and speaker lineup will be announced soon.

23rd July 2026Cinnamon Grand, Colombo
2025 Event Recap

Data Privacy & Protection Summit 2025

July 3, 2025Cinnamon Lakeside, Colombo350+ Delegates

Summit Highlights

Over 350 legal experts, senior professionals, and industry leaders convened for Sri Lanka's inaugural Data Privacy and Protection Summit
Powered by Agility Innovation (Platinum Partner), Mastercard, and ORIN
Media partnership with Daily FT providing national coverage
Comprehensive sessions on understanding the PDPA regulatory and legal framework
In-depth strategies for implementing data privacy within organizations
Critical focus on the evolving role of Data Protection Officers (DPOs)

Key Themes & Curriculum

1PDPA Act No. 9 of 2022 – Regulatory and legal framework overview
2Implementing data privacy and protection within organizations
3Role, responsibilities, and mandate of the Data Protection Officer (DPO)
4Cross-border data transfer mechanisms and compliance safeguards
5Building organizational accountability and governance frameworks
6Incident response planning and breach notification protocols
Official Partners & Sponsors of 2025 Summit
Agility InnovationPlatinum Partner
MastercardPartner
ORINPartner
Daily FTMedia Partner
Agility InnovationPlatinum Partner
MastercardPartner
ORINPartner
Daily FTMedia Partner
View Full 2025 Summit Details
About The Event

Navigating Sri Lanka's Data Governance Frontier

What is the CICRA Data Privacy Summit?

The CICRA Data Privacy & Protection Summit is Sri Lanka's premier national forum, bringing together state authorities, top corporate executives, legal scholars, and leading cybersecurity professionals.

As the country moves rapidly towards digitalization, safeguarding personal information becomes critical. This summit serves as the bridge between technical execution and legal compliance, providing organizational leaders with the strategies required to defend and govern corporate assets responsibly.

100%Enterprise Focused
PDPAReadiness Verified

Sri Lanka PDPA No. 9 of 2022

With the progressive implementation of Sri Lanka's landmark Personal Data Protection Act, compliance is no longer optional—it is a critical executive mandate.

Understanding the legal obligations of Data Controllers and Processors.
Defining operational workflows that align with the Data Protection Authority (DPA).
Determining the threshold requirements for appointing a Data Protection Officer.
Implementing accountability frameworks (DPMP) to prevent severe financial penalties.

*Failure to comply with the PDPA provisions may result in severe administrative penalties, making early strategic adoption vital for sustained operations.

Core Focus Areas

Essential Summit Curriculum & Panels

Session 01
Act No. 9 of 2022 Overview

PDPA Regulatory & Legal Framework

A deep dive into the legal landscape, clarifying data subject rights, processing limits, cross-border transfers, and the statutory powers of the newly formed Data Protection Authority of Sri Lanka.

CICRA SUMMIT PANELINCLUDED
Session 02
Operations & Auditing

Implementing PDPA in Organizations

Operationalizing the law: how to set up Data Protection Management Programmes (DPMP), run privacy impact assessments, execute consent logs, and integrate privacy-by-design into existing IT frameworks.

CICRA SUMMIT PANELINCLUDED
Session 03
Mandates & Responsibilities

Role of a Data Protection Officer (DPO)

Understanding DPO criteria (large-scale monitoring, processing special data), their dual role in advising the board and acting as the official liaison to the national authority, and qualifications.

CICRA SUMMIT PANELINCLUDED
Session 04
Mitigating Exposure

Risk, Compliance & Governance

Strategic risk management under compliance standards. Assessing liabilities, establishing incident response plans, notifying authorities of breaches, and aligning governance with global norms (GDPR, ISO 27001).

CICRA SUMMIT PANELINCLUDED
Delegate Benefits

Why Attend the Data Privacy Summit?

01

Learn from Industry Experts

Gain direct advice from legal authorities, state regulators, cybersecurity consultants, and seasoned practitioners who are actively shaping Sri Lanka's data protection landscapes.

Enterprise Asset Protection
02

Network with Legal & Compliance Professionals

Connect with like-minded DPOs, General Counsel, compliance officers, and CIOs across major industries, fostering critical B2B partnerships and compliance peer groups.

Enterprise Asset Protection
03

Protect Organizational Data Responsibly

Equip your business with the blueprints to defend customer trust, implement standard security frameworks, prevent reputational damage, and shield against liability.

Enterprise Asset Protection
Delegate Profiles

Designed for Strategic Leaders & Compliance Gatekeepers

Data privacy is no longer confined to the IT department. The regulatory scope of the Sri Lanka PDPA impacts corporate strategy, legal responsibility, product development, and customer engagement.

This summit is specifically tailored for decision-makers who hold fiduciary or technical responsibility for customer data, operational security, and regulatory compliance.

CEOs & Directors

To safeguard enterprise equity, prevent crippling brand liability, and drive compliant digital transformations.

Compliance Officers

To establish standard Data Protection Management Programmes and audit corporate processing practices.

Legal Professionals

To master the regulatory provisions of the PDPA and advise clients on statutory compliance mechanisms.

IT & Security Leaders

To secure digital architectures, verify access controls, and design security policies that prevent breaches.

Data Protection Officers (DPOs)

To fulfill the statutory role, coordinate with the Data Protection Authority, and direct internal compliance.

Registration & Pass

Secure Your Delegate Pass

All-Inclusive Pass

Summit Delegate Access

Designed for C-level executives, directors, legal counsel, and technical compliance leaders. Secure full access to sessions and physical compliance resources.

Full Access to all Summit Sessions & Panels
Expert Compliance Worksheets & Checklists
Networking Lunch & Refreshments at Cinnamon Grand
Limited Seats Available Due to Venue Capacity
Ticket Fee
LKR 20,000/- net per participant

Includes full luncheon, networking sessions, and statutory physical materials.

Register Now Secure your delegate pass online.