PDPA 2012: Primary legislation - Personal Data Protection Act 2012, the main data protection law in Singapore governing the collection, use, disclosure and care of personal data
PDPA Regulations 2021: Updated regulations providing specific requirements for data protection compliance under the PDPA
Data Breach Regulations 2021: Specific regulations detailing requirements for notification and handling of data breaches
Key Concepts Guidelines: Advisory Guidelines on Key Concepts in the PDPA providing interpretation and practical guidance on the law
Selected Topics Guidelines: Advisory Guidelines on specific topics under PDPA providing detailed guidance for particular situations
Active Enforcement Guidelines: Guidelines detailing how the PDPC enforces the PDPA and handles investigations
DPIA Guidelines: Guide to Data Protection Impact Assessments - framework for assessing data protection risks
Sector Guidelines: Specific guidelines for sectors like healthcare, banking, education, and telecommunications
APEC CBPR: APEC Cross-Border Privacy Rules System - regional framework for data protection
ASEAN Framework: ASEAN Framework on Personal Data Protection - regional data protection principles
GDPR Considerations: EU General Data Protection Regulation considerations if dealing with EU residents' data
Consent Obligations: Requirements for obtaining valid consent before collecting, using or disclosing personal data
Purpose Limitation: Obligation to collect, use or disclose personal data only for purposes that a reasonable person would consider appropriate
Notification Obligations: Requirements to inform individuals of the purpose for collecting, using or disclosing their personal data
Access and Correction Rights: Individual rights to access their personal data and request corrections
Accuracy Requirements: Obligation to make reasonable effort to ensure personal data collected is accurate and complete
Protection Obligations: Requirements to make reasonable security arrangements to protect personal data
Retention Limitation: Obligation to cease retention of personal data when no longer necessary for legal or business purposes
Transfer Limitation: Restrictions on transferring personal data outside of Singapore
Data Breach Requirements: Obligations for notifying affected individuals and PDPC about qualifying data breaches
Openness Obligation: Requirement to implement necessary policies and procedures to ensure compliance with the PDPA
