All businesses, even sole proprietorships, are required to appoint a Data Protection Officer (DPO) who is in charge of making sure the company complies with the PDPA.

Additionally, organizations must make sure that at least one DPO’s business contact information is made public. The company’s general phone number or email address could be listed as the business contact information.

The DPO may be an individual whose main area of responsibility is data protection or a member of the organisation who includes it among his many duties. To be clear, notwithstanding the hiring of the data protection officer, the organisation is still responsible for ensuring that it complies with the PDPA.

The Data Protection Officer’s (DPO) base of operations is not specified by the PDPA. The DPO does not have to work for the organization; instead, it can be contracted out to a different party. To be in compliance with the PDPA standards, the DPO whose business contact information is disclosed must be approachable whenever a member of the public in Singapore tries to contact him.

All personal data that is in a company’s possession or under its management must be handled responsibly. This could apply to personal information about clients or stockholders as well as information about staff. According to the PDPA, a company must appoint one or more people to be in charge of making sure the law is followed.

The PDPA’s data protection regulations took effect on 2 July 2014, and since then, organizations have been required to name one or more people as PDPA compliance officers. You should designate at least one person as the DPO if your organization manages personal data.