The decisions have previously been published in relation to the ‘do not call register rules in the Personal Data Protection Act (PDPA), these nine decisions, together with new advisory guidelines on enforcement, represent the first clear indications of how in practice the PDPC expects organisations to comply with the PDPA when collecting, using and disclosing personal data.
The Commission has published advisory guidelines on enforcement of the data protection provisions in the PDPA and associated regulations. The Guidelines are non-binding, but indicate how in practice the PDPC proposes to handle complaints, reviews and investigations of breaches of the data protection rules, and to approach enforcement and sanctions.
PDPC will take into account the time taken for the organisation to attempt to resolve a matter; whether the breach was intentional, repeated or ongoing, any obstruction or concealment of information, failure to comply with previous warnings and the nature and volume of sensitive personal data held by the organisation
These latest developments serve as a reminder of the consequences of failing to comply with Singapores data protection law.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now