What is a Singapore Personal Data Protection Act (PDPA)?

The Personal Data Protection Act (PDPA) provides a baseline standard of protection for personal data in Singapore. It complements sector-specific legislative and regulatory frameworks such as the Banking Act and Insurance Act. It comprises various requirements governing the collection, use, disclosure and care of personal data in Singapore.  It also provides for the establishment of a national Do Not Call (DNC) Registry. Individuals may register their Singapore telephone numbers with the DNC Registry to opt out of receiving unwanted telemarketing messages from organizations.

Applicability

The PDPA covers personal data stored in electronic and non-electronic formats. 

It generally does not apply to:

    • Any individual acting on a personal or domestic basis.
    • Any individual acting in his/her capacity as an employee with an organization.
    • Any public agency in relation to the collection, use or disclosure of personal data.
    • Business contact information such as an individual’s name, position or title, business telephone number, business address, business email, business fax number and similar information.

Objective

  • The PDPA recognizes both the need to protect individuals’ personal data and the need of organizations to collect, use or disclose personal data for legitimate and reasonable purposes.​_
  • A data protection regime is necessary to safeguard personal data from misuse and to maintain individuals’ trust in organizations that manage their data.
  • By regulating the flow of personal data among organizations, the PDPA also aims to strengthen Singapore’s position as a trusted hub for businesses.

Approach

Our approach is mentioned below: 

Phase 1: Governance & Planning
Phase 2: Gap Analysis
Phase 3: Implementation 
Phase 4: Privacy Compliance, Risk Management Framework & Audit

      Why CyberSRC®?

      Established in January 2018, CyberSRC Consultancy offers the full machination of cyber security services ranging from threat intelligence, VMS to general advisory services in areas pertaining to Cyber security such as vulnerability attacks, compliance, and cyber security regulations, and laws. We are into system audits such as ISNP Audits, NBFC Audits, UCB Audits, PPI Audits, and SEBI Audits. We provide our solutions with better accountability. We are a certified assurance firm. We are an ISO 27001 certified organization, backed by a very diverse and dynamic team.