IDC Names Securiti a Worldwide Leader in Data Privacy
ViewListen to the content
Singapore enacted the Personal Data Protection Act (the "PDPA") in 2012, which came into force in different phases; the provisions concerning data protection were enforced on 2nd July 2014. There are two main sets of provisions in the PDPA; provisions related to ‘Data Protection’ govern the collection, use, and disclosure of individuals' personal data, and the provisions pertaining to Singapore’s national ‘Do Not Call Registry’ set out the organisation’s obligations in relation to sending marketing messages to Singapore's national phone numbers.
The Personal Data Protection Regulations 2014, issued under the PDPA, specifically lay down the data transfer out of Singapore requirements, and the procedure of data access and/or correction requests from individuals. Singapore has recently introduced new extensive amendments to PDPA through the Personal Data Protection (Amendment) Act 2020
Anonymised data' does not come under the scope of the PDPA.
Organisations that handle and control personal data must comply with the following obligations stated under Part III to VI of the PDPA.
PDPA covers any organisation that deals with the collection, use, and/or disclosure of personal data from individuals in Singapore, whether the organisation is located in Singapore or not. However, this Act does not cover the following:
ANY INDIVIDUAL ACTING IN A PERSONAL OR DOMESTIC CAPACITY;
ANY EMPLOYEE ACTING IN THE COURSE OF HIS OR HER EMPLOYMENT WITH AN ORGANISATION;
ANY PUBLIC AGENCY; AND
ANY ORGANISATION IN THE COURSE OF ACTING ON BEHALF OF A PUBLIC AGENCY IN RELATION TO THE COLLECTION, USE, OR DISCLOSURE OF PERSONAL DATA.
As per Part II of the PDPA, Personal Data Protection Commission (PDPC) is the regulatory body to enforce the provisions of PDPA. The PDPC is empowered with broad discretion to issue remedial directions, initiate investigation inquiries, and impose fines and penalties on the organisations in case of any non-compliance of PDPA.
If organisations misuse the personal data or hide information concerning its collection, use, or disclosure, PDPA states penalties not exceeding S$50,000 (approx. $36,000).
Penalty for hindering a PDPC investigation can lead to a fine of not more than S$100,000 (approx. $72,000). The PDPA states that companies are also liable for their employees’ actions, whether they are aware of them or not.
New amendments to PDPA have enforced increased financial penalties for breaches of the PDPA up to 10% of annual gross turnover in Singapore, or S$ 1 million, whichever is higher.
Non-compliance with specific provisions under the PDPA may also constitute an offense, for which a fine or a term of imprisonment may be imposed.
An individual can bring a private civil action against an organisation for having suffered loss or damage directly due to a contravention of the provisions of the PDPA.
The multi-disciplinary practice to grow trust-equity of your brand and comply with privacy regulations.
Get the Book“By leveraging the PrivacyOps constructs from this book across our organization we were able to not only save time and money but also mitigate the risks associated with manual methods of privacy management.”
- Marty Collins, Chief Privacy and Legal Officer, QuinStreet, Inc
Given the complex obligations for the organisations to manage the disclosure, access, and modification requests of the individuals, ensuring the effective security measures, fulfilling data breach notification requirements, and other compliance requirements, complying with the PDPA can be very labor-intensive and costly.
Securiti is the leader in AI-powered PrivacyOps and data governance. Similar to DevOps for software, PrivacyOps reimagines how to implement privacy management throughout an organization efficiently.
Securiti is a recognized innovator in this market, having been awarded "Most Innovative Startup" at RSA Conference 2020, and Leader in the Forrester Wave: Privacy Management Software. Securiti's PrivacyOps solution uniquely combines real-time sensitive data intelligence harnessing bot and AI technology with full workflow automation of all the major privacy compliance functions.
No, Singapore is not part of the European Union, so GDPR does not directly apply. Singapore's data protection law is called the Personal Data Protection Act (PDPA).
Yes, the Personal Data Protection Act (PDPA) is mandatory in Singapore and applies to organizations that handle personal data.
The Personal Data Protection Commission (PDPC) is the authority responsible for regulating and enforcing the Personal Data Protection Act in Singapore.
PDPA stands for the Personal Data Protection Act in Singapore. It regulates personal data collection, use, and disclosure and aims to protect individuals' data privacy rights.
PDPA (Personal Data Protection Act) in Singapore and GDPR (General Data Protection Regulation) in the EU share similar principles but differ in specific requirements, jurisdiction, and scope.
To comply with Singapore's Personal Data Protection Act, organizations need to ensure they have proper data protection policies, consent mechanisms, data breach procedures, and overall data protection measures in place. They should also appoint a Data Protection Officer and educate their employees about data protection practices.
Anas Baig is a Product Marketing Manager with a proven track record in the cybersecurity industry. He has been a prominent contributor to numerous esteemed publications, including Infosecurity Magazine, CSO Online, Tripwire, Security Affairs, Network Computing, Security Boulevard, and several other renowned cybersecurity blogs.His in-depth knowledge and extensive experience in the industry make him a trusted source for cutting-edge insights and information in the ever-evolving world of cybersecurity.
Get all the latest information, law updates and more delivered to your inbox
November 24, 2023
Protecting personal data and honoring data subject rights has become paramount in an increasingly data-driven world. Singapore’s Personal Data Protection Act (PDPA) is a...
September 21, 2023
Introduction The emergence of Generative AI has ushered in a new era of innovation in the ever-evolving technological landscape that pushes the boundaries of...
September 15, 2023
The wealth of data available to organizations globally has brought tremendous improvements in their ability to target and cater to their customers' needs. Organizations...
At Securiti, our mission is to enable enterprises to safely harness the incredible power of data and the cloud by controlling the complex security, privacy and compliance risks.
Copyright © 2023 Securiti · Sitemap · XML Sitemap
info@securiti.ai
Securiti, Inc.
300 Santana Row
Suite 450
San Jose, CA 95128