Guide on Managing and Notifying Data Breaches Under the PDPA

This guide is intended to help organisations to identify, prepare for, and manage data breaches. Organisations may also refer to this guide for key information on the mandatory Data Breach Notification Obligation under the PDPA, including the criteria, timelines and information to be provided when notifying the PDPC and affected individuals.

Click here to find out more.

Revisions to Guide (updated 15 March 2021)

This guide replaces the Guide to Managing Data Breaches 2.0 and has been updated with details of the mandatory data breach notification requirement, as part of the enhanced PDPA which came into force on 1 February 2021.