Singapore Personal Data Protection Act

Singapore Personal Data Protection Act 2012 (PDPA) is a law that governs the collection, use, and disclosure of personal data by all private organizations. The Act has come into full effect on 2nd July 2014. Organizations that fail to comply with PDPA may be fined up to $1 million and suffer reputation damage.

How do you comply?

PDPA Requirements

  • Designate a Data Protection officer (DPO)
  • Map organisation’s Personal Data Inventory, implement personal data protection policy
  • Communicate to employees on the personal data protection policies
  • Incorporate data protection as part of BAU
  • Establish regular compliance program to verify adherence to PDPA requirements


Did this answer your question?