fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

What Legislation Exists in Singapore Regarding Data Protection and Security?

What Legislation Exists in Singapore Regarding Data Protection and Security?

what legislation exists in Singapore regarding data protection and security
Individuals and organisations alike must learn what legislation exists in Singapore regarding data protection and security – it’s not an option

Before even thinking about what legislation exists in Singapore regarding data protection and security, it’s crucial to learn first the definition of key terms used in this narrative.

What is Personal Data?

Singapore’s Personal Data Protection Commission defines personal data as any data about an individual who can be known from that data. It has to be noted that this data can be either true or not. All personal data in Singapore is protected under the Personal Data Protection Act 2012 (PDPA).

It’s important to note that although we tend to use the phrase “sensitive personal data” in reference to some data, the PDPA does not expressly distinguish between specific categories of personal data.

Also Read: Does Personal Data Market About To Become The Next Big Thing

How the Personal Data Protection Act Came into Fruition

With data getting collected, used, and shared from all avenues possible, it’s no surprise that concerns about privacy sooner or later grew to a crescendo.

Consequently, a data protection regime became a necessity in order to govern the collection, use, and disclosure of personal data. The presence of this government body doesn’t only assure that the provisions are implemented. They also mollify the growing concerns of individuals about their data privacy.

3 Concepts on What Legislation Exists in Singapore Regarding Data Protection and Security

In dealing with data privacy laws, the PDPA takes into account the following concepts:

  • Consent – Organisations may collect, use, or disclose personal data only with the individual’s knowledge and consent (comes with some exceptions);
  • Purpose – Organisations may collect, use, or disclose personal data in a manner fitting for the circumstances, and only if they have informed the individual on the objectives of the collection, use or disclosure; and
  • Reasonableness – Organisations may collect, use or disclose personal data only for the reasons that would be considered appropriate to a reasonable person in the given circumstances
What Legislation Exists in Singapore Regarding Data Protection and Security

So What Legislation Exists in Singapore Regarding Data Protection and Security? 5 Regulations, and Then Some

While the PDPA Act 2012 is the principal data protection legislation in Singapore, there are 5 other regulations issued under the PDPA.

These are:

  • The Personal Data Protection Regulations 2014 – also known as ‘PDP Regulations’, which set out the requirements for transfers of personal data out of Singapore
  • The Personal Data Protection Regulations (Composition of Offences) 2013
  • The Personal Data Protection Regulations (Do Not Call Registry) 2013
  • The Personal Data Protection Regulations (Enforcement) 2014; and
  • The Personal Data Protection Regulations (Appeal) 2015

Additionally, the Personal Data Protection Commission (PDPC) has issued a number of advisory guidelines which paint a clearer picture on how to interpret the PDPA.

If you want to learn more about the specifics of each regulation, head over to the PDPC website to check out the detailed scope of these regulations.

Other Supplementary Legislation

In discussing what legislation exists in Singapore regarding data protection and security, we also need to cover other subsidiary legislation included under the PDPA.

These are:

  • Personal Data Protection (Statutory Bodies) Notification 2013
  • Personal Data Protection Act 2012 (Commencement) Notification 2014
  • Personal Data Protection (Prescribed Law Enforcement Agencies) Notification 2014
  • Personal Data Protection (Prescribed Healthcare Bodies) Notification 2015, and
  • Personal Data Protection (Amendment) Regulations 2020

After asking the question on what legislation exists in Singapore regarding data protection and security, the next best question to ask should be: what can we do within our own organisations to make sure we follow these provisions well?

Bottom line, besides wanting to avoid the hefty fine and jail time waiting for us should we violate the PDPA rules, we should also strive to build credibility among our clients and partners.

Also Read: PDPA For Companies: Compliance Guide For Singapore Business

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us