Posted on November 21, 2019
The Personal Data Protection Act of 2012 (PDPA) is a law designed to regulate and enforce the proper collection, use, disclosure, and care of the personal data of citizens in the Republic of Singapore. The Personal Data Protection Commission (PDPC)is charged with establishing policies and for reviewing organizational actions related to personal data protection rules. It also issues directions for compliance, where necessary, and imposes fines and other actions for noncompliance.
Any business entity or organization that collects, uses, or discloses personal data falls under this law. It was designed to recognize both the right of individuals to protect their personal data and the need of organizations to collect, use, or disclose personal data for purposes that a reasonable person would consider appropriate in a given circumstance.
Related reading: What is GDPR?
Organizations are obligated to protect personal data in their possession or under their control by making reasonable security measures to prevent unauthorized access, collection, use, disclosure, copying, modification or data, or similar risks.
Noncompliance can result in the PDPC ordering an organization to stop any business activities which use personal data and in issuing fines of $10,000 per offense.
Related reading: Marriott International Data Breach
Related reading: Facebook’s Security Breach
The PDPC divides protection measures into three categories: administrative, physical, and technical.A managed file transfer system, like GoAnywhere MFT, can address the technical measures required to protect personal data by:
Learn about how managed file transfer can offer organizations the technical security measures needed to comply with the PDPA.