Computer Weekly reports Singapore's Personal Data Protection Commission has released new guidance on how to approach cloud services under the Personal Data Protection Act. The guidelines aim to help both businesses and cloud service providers understand the application of the law with a focus on protections for data transfers across boundaries in a cloud environment. The guidelines explain CSPs are data intermediaries and therefore protected while being subject to data retention limits. Also, organizations need to ensure the CSPs they use are transferring data to locations with comparable data protection laws to that of the PDPA.
If you want to comment on this post, you need to login.