The public and private sectors have had around three years to study, check their readiness and adapt to comply with the Personal Data Protection Act B.E. 2562 (2019) (Personal Data Acté) from the date of publication in the Government Gazette on 27 May 2019 until the date the law was fully enforced on 1 June 2022. The Personal Data Act is a new law that introduces legal principles aimed at protecting the rights of personal data subjects and controlling the collection, processing or disclosure of personal data by data controllers or data processors. In the early stages of enforcement, there may be obstacles to compliance unless there are guidelines and awareness of the legal burdens and penalties in particular. From the authorûs experience of studying the law, the Personal Data Act and the General Data Protection Regulation, including guidelines for interpretation and judgments of various agencies in the European Union, have provided opportunities for organizations to prepare for and comply with personal data protection laws. Therefore, the author would like to provide the steps to prepare for compliance with the Personal Data Act to create awareness, enhance understanding and identify related legal issues. The steps are as follows. 1. Data Discovery to determine whether the organization collects, processes or discloses personal informationé, and to be able to identify the status and roles of data controllers or data processors as defined under the law to determine different obligations and liabilities as required by the law. 2. Data Classification to categorize the types of personal data that exist, including sensitive personal data under the Personal Data Act, and determine whether personal data has a high risk of causing damage to data subjects. 3. Purpose Identification to evaluate and review the purposes for the collection, processing or disclosure of personal data, and attempt to reduce the unnecessary storage of personal data (data minimization). 4. Legal Basis by obtaining consent to process the personal data of the data subject above, or have other legal bases that allow the collection, processing or disclosure of personal data. 5. GAP Analysis by assessing whether the organization has performed its duties in full compliance with the law as well as the extent that activities related to personal data have exposed it and the impact on data subjects in order to determine the proper safeguards. 6. PDPA Compliance by preparing the relevant documents, policies, procedures and guidelines for compliance with the law by providing complete documentation and procedures as required by the law such as privacy notice, consent forms, data processing agreements with personal data processors and practice guidelines to reduce risks by establishing policies, regulations or guidelines within the organization and arranging training for employees or related personnel. Understanding the Personal Data Act, analyzing potential legal issues and establishing guidelines for preparing to comply with personal data protection laws are important and useful to both lawyers and law enforcement agencies in reviewing the readiness of organizations and the award of penalties, including business operators who are obliged to comply with the law either as data controllers or data processors and most importantly all data subjects who are protected under the Personal Data Act.