PDPC | Guide on Managing and Notifying Data Breaches Under the PDPA

Guide on Managing and Notifying Data Breaches Under the PDPA

This guide is intended to help organisations to identify, prepare for, and manage data breaches. Organisations may also refer to this guide for key information on the mandatory Data Breach Notification Obligation under the PDPA, including the criteria, timelines and information to be provided when notifying the PDPC and affected individuals.

Click here to find out more.

Revisions to Guide (updated 15 March 2021)

This guide replaces the Guide to Managing Data Breaches 2.0 and has been updated with details of the mandatory data breach notification requirement, as part of the enhanced PDPA which came into force on 1 February 2021.

Revisions to Guide (updated 15 March 2021)

Guide on Active Enforcement

Guide to Developing a Data Protection Management Programme

Guide to Data Protection Impact Assessments

Advisory Guidelines on Key Concepts in the Personal Data Protection Act

Advisory Guidelines on Enforcement of Data Protection Provisions

Personal Data Protection Commission