PDPA 2012: Primary legislation governing personal data protection in Singapore, setting out the regulatory framework for personal data collection, use, disclosure, and care
Personal Data Protection Regulations 2021: Updated regulations complementing PDPA, providing specific requirements for data protection, transfer, and management
Cybersecurity Act 2018: Legislation establishing cybersecurity framework and requirements for critical information infrastructure and cybersecurity service providers
Banking Act and MAS Guidelines: Sector-specific regulations for financial institutions handling data outsourcing, including requirements for data security and governance
Healthcare Services Act: Sector-specific legislation governing healthcare data handling and protection requirements
Telecoms Act: Sector-specific legislation for telecommunications providers, including data protection requirements
PDPC Advisory Guidelines on Key Concepts: Regulatory guidelines providing interpretation and practical guidance on PDPA implementation
PDPC Guide on Data Protection Clauses: Specific guidance for drafting data protection clauses in processing agreements
PDPC Guide to Data Protection by Design: Guidelines for implementing data protection measures in ICT systems and infrastructure
CBPR System: Cross Border Privacy Rules system providing framework for cross-border data transfers
ASEAN Framework on Personal Data Protection: Regional framework establishing principles for personal data protection across ASEAN member states
GDPR Compliance Requirements: Relevant when dealing with EU data subjects, establishing additional data protection requirements and transfer mechanisms
Data Protection Obligations: Core requirements including collection, use, disclosure, purpose limitation, consent, accuracy, protection, retention, transfer, and openness obligations
Security Measures Framework: Technical, administrative, and physical security controls required for data protection, including breach notification procedures
Cross-border Transfer Requirements: Specific requirements for international data transfers, including comparable protection standards and contractual safeguards
Operational Requirements: Practical implementation requirements including data handling procedures, access controls, audit rights, and data lifecycle management
