IDC Names Securiti a Worldwide Leader in Data PrivacyView
Singapore enacted the Personal Data Protection Act (the "PDPA") in 2012, which came into force in different phases; the provisions concerning data protection were enforced on 2nd July 2014. There are two main sets of provisions in the PDPA; provisions related to ‘Data Protection’ govern the collection, use, and disclosure of individuals' personal data, and the provisions pertaining to Singapore’s national ‘Do Not Call Registry’ set out the organisation’s obligations in relation to sending marketing messages to Singapore's national phone numbers.
The Personal Data Protection Regulations 2014, issued under the PDPA, specifically lay down the data transfer out of Singapore requirements, and the procedure of data access and/or correction requests from individuals. Singapore has recently introduced new extensive amendments to PDPA through the Personal Data Protection (Amendment) Act 2020
Anonymised data' does not come under the scope of the PDPA.
Organisations that handle and control personal data must comply with the following obligations stated under Part III to VI of the PDPA.
PDPA covers any organisation that deals with the collection, use, and/or disclosure of personal data from individuals in Singapore, whether the organisation is located in Singapore or not. However, this Act does not cover the following:
ANY INDIVIDUAL ACTING IN A PERSONAL OR DOMESTIC CAPACITY;
ANY EMPLOYEE ACTING IN THE COURSE OF HIS OR HER EMPLOYMENT WITH AN ORGANISATION;
ANY PUBLIC AGENCY; AND
ANY ORGANISATION IN THE COURSE OF ACTING ON BEHALF OF A PUBLIC AGENCY IN RELATION TO THE COLLECTION, USE, OR DISCLOSURE OF PERSONAL DATA.
As per Part II of the PDPA, Personal Data Protection Commission (PDPC) is the regulatory body to enforce the provisions of PDPA. The PDPC is empowered with broad discretion to issue remedial directions, initiate investigation inquiries, and impose fines and penalties on the organisations in case of any non-compliance of PDPA.
Given the complex obligations for the organisations to manage the disclosure, access, and modification requests of the individuals, ensuring the effective security measures, fulfilling data breach notification requirements, and other compliance requirements, complying with the PDPA can be very labor-intensive and costly.
Securiti is the leader in AI-powered PrivacyOps and data governance. Similar to DevOps for software, PrivacyOps reimagines how to implement privacy management throughout an organization efficiently.
Securiti is a recognized innovator in this market, having been awarded "Most Innovative Startup" at RSA Conference 2020, and Leader in the Forrester Wave: Privacy Management Software. Securiti's PrivacyOps solution uniquely combines real-time sensitive data intelligence harnessing bot and AI technology with full workflow automation of all the major privacy compliance functions.
No, Singapore is not part of the European Union, so GDPR does not directly apply. Singapore's data protection law is called the Personal Data Protection Act (PDPA).
Yes, the Personal Data Protection Act (PDPA) is mandatory in Singapore and applies to organizations that handle personal data.
The Personal Data Protection Commission (PDPC) is the authority responsible for regulating and enforcing the Personal Data Protection Act in Singapore.
PDPA stands for the Personal Data Protection Act in Singapore. It regulates personal data collection, use, and disclosure and aims to protect individuals' data privacy rights.
PDPA (Personal Data Protection Act) in Singapore and GDPR (General Data Protection Regulation) in the EU share similar principles but differ in specific requirements, jurisdiction, and scope.
To comply with Singapore's Personal Data Protection Act, organizations need to ensure they have proper data protection policies, consent mechanisms, data breach procedures, and overall data protection measures in place. They should also appoint a Data Protection Officer and educate their employees about data protection practices.
At Securiti, our mission is to enable enterprises to safely harness the incredible power of data and the cloud by controlling the complex security, privacy and compliance risks.
300 Santana Row
San Jose, CA 95128