Cultivating a data-driven culture is crucial for businesses in today’s digital economy. Organisations have to consider investing in the quality and protection of the data they collect and use, so that it yields valuable insights that can be acted upon.

Privacy Awareness Week 2021

The PDPC celebrates PAW from 24 to 30 May 2021 and the week aims to highlight organisations' accountability to their customers, and encourage everyone to make data protection a priority. Find the full event highlights on the PDPC's LinkedIn page.

Advisories on Collection of Personal Data for COVID-19 Contact Tracing and Use of SafeEntry

The PDPC has updated the advisories to include guidance on the implementation of TraceTogether-only SafeEntry and other safe management measures at premises and workplaces.

Broad Comparison of the PDPA’s Consent and Exceptions to Consent Provisions with EU GDPR’s Six Legal Bases for Processing Personal Data

The PDPC has developed an infographic on the broad comparison between the EU GDPR’s legal bases for processing personal data, with the consent and the exceptions to consent under the enhanced PDPA.

Revised Guides on Managing Data Breach and Active Enforcement

The Guide on Managing and Notifying Data Breaches under the PDPA (previously known as Guide to Managing Data Breaches 2.0) has been updated with details of the mandatory data breach notification requirement under the PDPA.

The Guide on Active Enforcement has also been revised with details of the voluntary undertaking under the enhanced PDPA. Additional information on the expedited breach decision and financial penalties have also been included.

Handbook on How to Guard Against Common Types of Data Breaches

Many data breach incidents could have been prevented through good ICT system management and processes. The PDPC has identified the five most common gaps and the corresponding good practices that organisations should put in place.

Infographics on Data Protection Obligations under the PDPA

Being accountable helps you strengthen trust with the public, enhance business competitiveness and provide greater assurance to customers. We have put together a summary of all 11 data protection obligations under the PDPA for you.

Outcome of a review application involving an individual and HSBC Bank

A review application under section 28 (now known as section 48H(1)(a)) of the PDPA was conducted following a failed request by an individual to obtain his full unredacted internal evaluation report prepared by HSBC Bank (Singapore) Limited for the purpose of evaluating his credit card application.

Breach of the Consent Obligation by Greatearth Corporation, No Breach of the PDPA by Progressive Builders

A warning was issued to Greatearth Corporation for failing to obtain consent to disclose the personal data of 8 crane operators on the external façade of a construction site.