This guide provides an introductory outline of key principles and considerations for organisations, especially those without any measures or tools to address specific personal data protection risks, on conducting a DPIA for systems and processes. The practices suggested in this guide are for general information and not exhaustive.

Click here to find out more.

Revisions to Guide (14 September 2021)

This guide has been updated to align with the new obligations under the updated PDPA, which came into force on 1 February 2021.