Help for Organisations

Organisations will need to review their data protection policies and put in place practices to comply with the PDPA. Below are various avenues that can help organisations get started.

Questions

Organisations that have queries concerning the interpretation and application of the PDPA should first refer to the advisory guidelines, FAQs, guidance notes and other resources available on this website. Please read about the scope of guidance that PDPC may provide here.

If your query is not addressed in any of the existing resources on this website, you may contact us here.

Learn About The PDPA

Learn 01Fundamentals of the Personal Data Protection Act
Attend a two-day course developed under the Business Management Workforce Skills Qualifications (BM WSQ) framework. The course aims to help organisations deepen their understanding of the PDPA by stepping through key concepts under the PDPA and develop their own data protection policies and processes to comply with the PDPA. Participants who have successfully completed the course and assessment will also be awarded with a BM WSQ Statement of Attainment issued by SkillsFuture Singapore (SSG). The course will be conducted by a list of approved training organisations. For more information, please click here.
 Learn 01Practitioner Certificate in Personal Data Protection (Singapore) Preparatory Course
Attend a two-day preparatory course to equip yourself with practical data governance and data protection knowledge and skills, and learn to use risk-based tools to establish a robust data protection infrastructure for your organisation. Participants who have successfully passed the examination, conducted at our appointed examination centre, will obtain the Practitioner Certificate in Personal Data Protection (Singapore) co-issued by the PDPC and International Association for Privacy Professionals (IAPP). For more information, please click here
. 
 Learn 02PDPA Briefing
Industry briefings can be arranged upon request through sectoral regulators or trade associations and chambers (TACs). Conducted by the PDPC, the one- to two-hour briefing typically covers an overview of the PDPA, common scenarios faced by the industry, learning points from breach cases, and concludes with a Q&A session.
 Learn 03PDPA E-learning Programme
Learn about the PDPA at your convenience with our free interactive PDPA E-learning Programme, which includes a self-assessment module. Corporate Account is also available for companies to better assess their employees' learning outcomes.
 Learn 01Professional Conversion Programme (PCP) for Data Protection Officers
The PCP for Data Protection Officers (DPOs), supported by Workforce Singapore (WSG) and SkillsFuture Singapore (SSG), provides skills conversion to place and train PMETs in the role of a DPO. The PCP aims to develop a pool of pre-qualified candidates for DPO roles and help SMEs acquire their own data protection expertise. Companies who are interested to hire a DPO under the PCP scheme may find out more here.

Other PDPA-related Training*

Here are other courses offered under the Critical Infocomm Technology Resource Programme (CITREP II) by the Infocomm Media Development Authority of Singapore, which allows for up to 70% funding on course fees:

Here are other courses offered by Singapore Management University (SMU) Academy and funded by SSG, subsidising up to 70% of course fees for Singaporeans and Permanent Residents below 40 years old and an additional 20% subsidy for Singaporeans aged 40 and above.

*These courses do not use the curriculum developed by the PDPC and are not endorsed in any way by the PDPC.

Comply with the PDPA

 dp starter kitData Protection (DP) Starter Kit
Kick-start your organisation's data protection journey with the DP Starter Kit, which packs useful information and resources to help you. It will also guide you through common issues that SMEs may face when complying with the PDPA.
 Comply 02Telemarketing and Do Not Call (DNC) Registry
Organisations conducting telemarketing activities should check the DNC requirements before starting your marketing campaigns. Our how-to video is just the tool you need for a step-by-step guide when using the DNC Registry. Or simply read about it from our DNC Registry for Organisations factsheet.
 Comply 03Consultation for Small and Medium Enterprises (SMEs) 
SMEs can head down to a SME Centre for a free consultation relating to the PDPA. The PDPC is collaborating with the SME Centres located at five associations, by supporting their Business Advisors in helping SMEs on personal data protection matters as part of the advisory clinics.
  1. SME Centre at the Association of Small and Medium Enterprises (ASME): enquiries@smecentre-asme.sg
  2. SME Centre at the Singapore Chinese Chamber of Commerce and Industry (SCCCI): enquiry@smecentre-sccci.sg
  3. SME Centre at the Singapore Malay Chamber of Commerce and Industry (SMCCI): advisory@smecentre-smcci.sg
  4. SME Centre at the Singapore Indian Chamber of Commerce and Industry (SICCI): query@smecentre-sicci.sg
  5. SME Centre at the Singapore Manufacturing Federation (SMF): query@smecentre-smf.sg
 Comply 04Legal Assistance
Organisations can refer to the Directory of Lawyers under the Law Society of Singapore for assistance to engage a law firm/lawyer. 

VWOs/Charities can approach the Law Society Pro Bono Office for free legal consultation.            
 dp advisory sessionData Protection Advisory Session
A panel of DP advisors have been appointed to provide free guided support and assistance to SMEs. Make an appointment here.

Manage Personal Data and IT Systems

 Manage 02Advisory Guidelines and Guides
Obtain greater clarity on how the PDPA may apply to your organisation with our Advisory Guidelines and Other Guides, which comprise a variety of topics, such as notification, managing data breaches, and securing personal data in electronic medium.
 Manage 01List of Data Protection Service Providers
This directory provides a basic reference to a variety of data protection services that may be available in Singapore. Access the directory here.
Pato
PDPA Assessment Tool for Organisations (PATO)
This tool enables organisations to conduct a self-evaluation to identify key gaps or areas of improvement in their data protection policies and practices.
 solutions

Pre-approved Solutions for Organisations
Organisations may consider adopting pre-approved solutions, that can allow use of alternative identifiers in replacement of NRIC numbers, to automate and align your business operations with the revised Advisory Guidelines on the PDPA for NRIC and other National Identification Numbers.

Last updated on 12 October 2018