10 August, 2019
On 15 July 2019, the Personal Data Protection Commission (“PDPC”) issued its Guide to Accountability (“Guide”) that explains the principle of accountability in the context of personal data protection and how the PDPC has implemented this in Singapore. The Guide also sets out recommendations on how organisations can implement accountability-based measures. The Guide is part of a series of efforts by the PDPC to shift the emphasis in personal data protection from compliance to accountability. Please see our earlier legal update on other initiatives from the PDPC.
Accountability under the Personal Data Protection Act 2012 (“PDPA”) requires organisations to undertake measures to ensure and demonstrate compliance with the PDPA. For instance, the organisation is required to designate a data protection officer, who will be responsible for ensuring the organisation’s compliance with the PDPA. Ideally, the data protection officer should be part of senior management of the organisation.
In addition, the organisation is required to develop and implement internal and external policies for data protection.
The full article can be found from Zicolaw's site here.
For more information, please contact:
Heng Jun Meng, Director | ZICO Insights Law
jun.meng.heng@zicolaw.com
