Singapore legislation

Clause 29

of Personal Data Protection (Amendment) Bill

Clause 29

Amendment of section 65

Section 65(2) of the principal Act is amended —

(a)

by inserting, immediately after paragraph (b), the following paragraphs:“(ba)the assessment and notification of notifiable data breaches, including —

(i)

the steps and measures that an organisation must take in relation to the investigation and assessment of data breaches; and

(ii)

the form and manner in which the Commission and affected individuals must be notified of notifiable data breaches;

(bb)the form, manner and procedures relating to data porting requests, including —

(i)

the information and particulars that must be provided for such requests;

(ii)

the time for and content of a porting organisation’s responses to such requests;

(iii)

the steps that a receiving organisation must take to confirm the accessibility and completeness of any applicable data transmitted by a porting organisation; and

(iv)

the fees that a porting organisation may charge in respect of such requests;”;

(b)

by deleting the words “section 28” in paragraph (e) and substituting the words “section 48H”;

(c)

by deleting the words “section 31” in paragraph (f) and substituting the words “section 48N”;

(d)

by deleting the words “to confirm whether a Singapore telephone number is listed in the relevant register for the purposes of section 43(1)(a)” in paragraph (m) and substituting the words “made under section 40(2)”; and

(e)

by deleting the full‑stop at the end of paragraph (m) and substituting a semi‑colon, and by inserting immediately thereafter the following paragraph:“(n)the requirements that checkers must comply with for the purposes of this Act.”.

Clause 29 — Personal Data Protection (Amendment) Bill