ZDNet reports Singapore is making changes to its data breach notification guidelines as part of the upcoming amendment to its Personal Data Protection Act. The updates call for organizations to complete data breach investigations within 30 days of its discovery and then take no more than 72 hours to report the incident to the Personal Data Protection Commission following its examination. The changes, which will be reviewed and updated when necessary, also call for businesses to report breaches that involve more than 500 people and those that carry significant harm or impact. Additionally, the PDPC announced new guidelines regarding its regulatory powers with data breaches, as well as a public consultation on the inclusion of data portability to the PDPA.
If you want to comment on this post, you need to login.