This guide on the Active Enforcement Framework articulates the PDPC's approach in deploying its enforcement powers to act effectively and efficiently on data breach incidents. The guide also reiterates the PDPC's general approach to maximise the use of facilitation and mediation in seeking a resolution between the complainant and the organisation concerned. 

Click here to find out more.

Revisions to Guide (updated on 1 October 2022)

The Guide on Active Enforcement has been updated to provide clarity on the amendments to the PDPA which came into force on 1 February 2021. These include amendments relating to the Commission’s power to accept voluntary undertakings as part of its enforcement regime as well as changes in the maximum financial penalty which may be imposed on organisations for breaches under the PDPA.