At PKWA Law, our Personal Data Protection Lawyers represent clients on data protection, including regulatory issues, data breaches, and compliance issues. These include the implementation of data protection compliance programmes, compliance with the Personal Data Protection Act 2012 and the Cybersecurity Act 2018, data protection training programmes, developing a data breach management plan, dealing with data breaches and cybersecurity incidents (whether involving hacking, malware or accidental disclosures), and personal data breach reporting obligations under the PDPA. We also advise clients on the investigation, containment and remediation of any data breaches so as to comply with Singapore laws.
Our Personal Data Protection Lawyers help organisations to navigate the minefield of data governance and data protection to confidently and securely implement data protection policies and processes.
What is the Personal Data Protection Act (PDPA)?
Since the introduction of the Personal Data Protection Act 2012 (PDPA), companies and organisations must comply with data protection rules. The PDPA governs the collection, use and disclosure of personal data. Parliament passed the PDPA in October 2012.
The PDPA recognises both:
- The right of individuals to protect their personal data; and
- The need of organisations to collect, use or disclose personal data for purposes that a reasonable person would consider appropriate in the circumstances.
Objectives of the PDPA
The PDPA recognises the need to protect individuals’ personal data and the need of organisations to collect, use or disclose personal data for legitimate and reasonable purposes.
A data protection legal framework is necessary to safeguard personal data from misuse and maintain individuals’ trust in organisations that manage their data.
By having a robust regime for protecting personal data by organisations, the PDPA also aims to strengthen Singapore’s position as a trusted hub for businesses.