Managing data, in particular personal data, is of utmost importance. Organisations should adopt a prudent strategy, take proactive approach in fostering a data protection culture with the organisation, and you will build trust and goodwill with your customers.
To help organisations better manage personal data, organisations in Singapore are required under the Personal Data Protection Act 2012 (PDPA) to designate at least one individual as the organisation’s Data Protection Officer (DPO) to be responsible for the organisation’s compliance with the PDPA and to answer questions relating to their data protection policies and practices.
The DPO may be an existing employee in the organisation who takes on this role as one of his multiple responsibilities. The DPO’s role may include the following:
Please note compliance by the organisation with the PDPA remains the responsibility of the organisation notwithstanding appointment of the DPO.