The PDPA was enacted in 2012 to govern private sector management of personal data. It comprises two man parts, namely (i) the Do Not Call (DNC) Provisions which came into force on 2 January 2014 and (ii) the Data Protection (DP) Provisions which came into force on 2 July 2014. Read More
Ensuring a balance between protecting individuals’ personal data from misuse, against organisations’ need to collect, use and disclose personal data for legitimate and reasonable purposes.
Review legislation and regulatory framework to ensure that they remain relevant and keep pace with technological developments.
Ensure that the appeal framework and process is rigorous, and provide an avenue for genuine appeals to be considered by the Data Protection Appeal Panel.
Introduce measures to ensure businesses comply with personal data protection laws.
Ensure businesses know about the available resources that can help them.
Support IMDA in providing resources that educate businesses on the Personal Data Protection Act (e.g. courses, e-brochures, self-assessment business checklists, FAQs, etc.).