As a regulator and a steward of trust, it’s important for PDPC to provide a stable environment that tries to find a balance between providing protection for consumers, and at the same time enabling businesses to drive economic innovation and growth with data.
|
|
|
|
|
Adapting Your Business Processes to the PDPA Changes
Learn how RSM Singapore reviews its business processes in preparation for the changes in the Personal Data Protection Act (PDPA) with an objective to obtain a qualitative assessment to help understand the risks and the impact on its organisation. RSM Singapore also shares its client’s experience through this journey and sheds light on how your own organisation can do the same too.
(Article contributed by RSM Singapore)
|
|
|
|
Announcements
|
|
|
 |
The enhanced PDPA and accompanying Regulations will take effect in phases from 1 February 2021. The amendments will strengthen organisational accountability and consumer protection while giving organisations the confidence to harness personal data for innovation.
|
| |
The 1st ASEAN Digital Ministers’ Meeting (ADGMIN) approved the ASEAN Data Management Framework and a set of model contractual clauses to aid businesses with cross border data flows. The PDPC has also developed additional guidance for companies in Singapore that wish to utilise the model contractual clauses in their business contracts.
|
| |
Eight new members from various sectors have been appointed to the Data Protection Advisory Committee (DPAC). They will complement 11 existing members by providing perspectives from the different sectors they come from. The DPAC advises the PDPC on matters relating to areas of policy guidance, as well as the review of key policy and enforcement issues under the PDPA.
|
|
|
|
|
|
|
New Resources
|
|
|
| |
The Advisory Guidelines have been updated to provide clarity on the amendments to the PDPA, which include amendments to the Consent Obligation, Data Breach Notification Obligation and offences for egregious mishandling of personal data.
|
| |
The Advisory Guidelines have been updated to provide clarity on the amendments to the PDPA, which include prohibitions relating to the use of dictionary attacks and address-harvesting software, and requirements on third-party DNC checkers.
|
| |
The Advisory Guidelines have been updated to provide clarity on the amendments to the PDPA, which include amendments relating to the Commission’s power to accept voluntary undertakings as part of its enforcement regime.
|
| |
This guide provides an industry-agnostic and practical approach to help companies manage AI's impact on employees, and for organisations that are adopting AI to prepare themselves for the digital future.
|
|
|
|
|
|
|
Commission's Decisions
January 2021
|
|
|
| ● |
BLS International Services Singapore failed to put in place reasonable security arrangements to prevent the unauthorised disclosure of the personal data of individuals who had submitted a booking for an appointment on its website.
|
| ● |
The Future of Cooking failed to put in place reasonable security arrangements to prevent the unauthorised disclosure of its customers’ personal data on its website.
|
| ● |
Singapore Technologies Engineering was found not in breach of the PDPA in relation to the transfer of the personal data of its Singapore-based employees to its subsidiaries based in United States.
|
|
|
|
Read more Commission's Decisions here
|
|
|
|
|
|
Help and Resources for DPO
|
|
|
Key resources that are relevant to data protection professionals throughout the different stages of the data protection journey.
|
|
A listing of information on Data Protection-as-a-Service (DPaaS), legal advisors for personal data protection, data protection training providers, data protection digital tools, and cyber security services.
|
|
The Framework outlines the core competencies and proficiency levels for a DPO, and provides guidance on a viable career pathway.
|
|
|
|
|
|
|
