Singapore: New PDPC Guidelines on Cloud Services and Data Access Requests

On 9 October 2019, the Personal Data Protection Commission (“PDPC“) revised Chapter 6 (Organisations) and Chapter 15 (Access and Correction Obligations) and introduced a new Chapter 8 on cloud services in the Advisory Guidelines on the PDPA for Selected Topics (“Guidelines“). The Guidelines, while not legally binding, reflects the PDPC’s approach in interpreting the Personal Data Protection Act.

In response to the increasing use of cloud services by organisations, the new Chapter 8 offers more clarity on the responsibilities of cloud service providers and organisations using cloud services to process personal data. Updates to Chapter 6 provide more clarity on the roles of an organisation and its data intermediary with regards to safeguarding personal data while updates to Chapter 15 focus on access requests by data subjects.

Please download the full alert for a summary of the PDPC’s updates to the Guidelines.

DOWNLOAD FULL ALERT

Singapore: New PDPC Guidelines on Cloud Services and Data Access Requests

Related Posts

Indonesia: KPPU online merger filing portal introduces a new feature – dual nexus assessment

Malaysia: Online content and related developments

Malaysia: The Cyber Security Bill 2024 – A new era for cyber security