PDPC may accept an undertaking from an organisation that has potentially contravened the Personal Data Protection Act 2012 (“PDPA”). The process is intended to allow organisations to implement a remediation plan that will not only rectify the immediate breach, but also address any systemic shortcomings to ensure compliance with the PDPA on a continual basis. In considering whether to accept an undertaking, PDPC will examine the effectiveness of the remediation plan proposed by the organisation, and the organisation’s readiness to implement it.
For more details, please refer to PDPC’s Guide on Active Enforcement.
|1||Grabcar Pte Ltd||10 Sept 2020|
|2||Employment & Employability Institute Pte Ltd||10 Sept 2020|
|3||HSBC Bank (Singapore) Limited||10 Sept 2020|
|4||NEC Asia Pacific Pte Ltd||14 Jan 2021|
|5||StarMed Specialist Centre Pte Ltd||18 Feb 2021|
|6||Manulife (Singapore) Pte Ltd||15 Apr 2021|