Singapore: New PDPC Guidelines on Cloud Services and Data Access Requests

On 9 October 2019, the Personal Data Protection Commission (“PDPC“) revised Chapter 6 (Organisations) and Chapter 15 (Access and Correction Obligations) and introduced a new Chapter 8 on cloud services in the Advisory Guidelines on the PDPA for Selected Topics (“Guidelines“). The Guidelines, while not legally binding, reflects the PDPC’s approach in interpreting the Personal Data Protection Act.

In response to the increasing use of cloud services by organisations, the new Chapter 8 offers more clarity on the responsibilities of cloud service providers and organisations using cloud services to process personal data. Updates to Chapter 6 provide more clarity on the roles of an organisation and its data intermediary with regards to safeguarding personal data while updates to Chapter 15 focus on access requests by data subjects.

Please download the full alert for a summary of the PDPC’s updates to the Guidelines.

DOWNLOAD FULL ALERT

Singapore: New PDPC Guidelines on Cloud Services and Data Access Requests

Related Posts

Mexico: New legal framework in matters of transparency, protection of personal data and access to public information

Luxembourg: CSSF aligns with DORA – Key updates on ICT and outsourcing regulations

Hong Kong: HKMA and SFC’s guidance on Staking of Virtual Assets