Contact our expert team today
Hawksford offers a range of outsourced data protection services to suit your operational requirements, and ensure your business meets Singapore data protection obligations.
Amendments have been introduced to the Personal Data Protection Act 2012 (PDPA) on the 5 October 2020 to keep Singapore’s data protection laws up to date with evolving technology developments, global regulatory trends and to enhance Singapore's relevancy and stability as a global business hub.
We summarise what the new amendments mean for you below.
Organisations will be required to notify the Personal Data Protection Commission (“PDPC”) regarding any data breaches that are likely to result in harm to individuals and companies. The timeframe for reporting these breaches to the Commission is now within three calendar days from the date of the breach.
Financial penalties will also be increased to 10% of annual turnover in Singapore (if the organisation’s annual turnover in Singapore exceeds SGD $10 million), or $1 million SGD, whichever is higher.
The concept of “deemed consent” will be expanded to include:
1. Use or disclosure of personal data reasonably necessary to conclude or perform a contract or transaction.
2. Where individuals have been notified of the purpose of the intended collection, use or disclosure of personal data are given a reasonable opportunity to opt-out
Individuals will be held accountable for mishandling personal data through the introduction of new criminal offences including:
1. Knowing or reckless unauthorised disclosure of personal data;
2. Knowing or reckless unauthorised use of personal data for a gain or wrongful loss to any person
Organisations must, at the request of an individual, transfer an individual’s personal data that is in the organisation’s possession or under its control, to another organisation in a common machine-readable format
The sending of unsolicited messages to telephone numbers will be prohibited under the ‘Do Not Call’ provisions of the PDPA.
The Spam Control Act will also be amended to cover commercial text messages sent to instant messaging accounts and in bulk.
Organisations will need to adapt or change their approach to PDPA compliance and data protection in general to meet the new requirements and expectations of individuals, regulators and the community.
They will need to review existing company polices on consumer data, and strengthen the gaps where needed. Adjustments and coordination will also need to be carried out to manage data breach reporting policies and procedures.
Navigating the complexities of meeting your data obligations can be difficult, that’s why outsourcing your data protection requirements to a specialist provider, like Hawksford can help keep costs low, save time, and provide a peace of mind.
Regardless of the scale and size of your operations, Hawksford can take away the administrative burden so that you can focus on the most important factors which are relevant for your company’s growth and improvement.
Our services include:
This material is intended for general information purposes only and does not constitute legal advice.
Hawksford offers a range of outsourced data protection services to suit your operational requirements, and ensure your business meets Singapore data protection obligations.
Back to top