Professional Documents
Culture Documents
Data Protection - Summary
Data Protection - Summary
The Act only applies to: Digital personal data which is data about an individual who is
identifiable by or in relation to such data and does not apply to offline data.
Key Stakeholders subject to regulations and compliance requirements under the Act:
i) Data Principle: Individual (natural person only) to whom the personal data relates.
Can also be a child or a person with disability – including their representatives.
ii) Data Fiduciary: A person who either by themselves or with another person(s)
determines the purposes and means of processing personal data.
iii) Data Processor: Any person processing personal data on behalf of a data fiduciary.
ii) Ensuring the accuracy, completeness, and consistency of the data that is stored.
iii) Notifying data breach to the data protection board and the data principles. Erasure
of data from its system/processor’s system, if the principal withdraws consent or
the fiduciary, thinks it is appropriate.
iv) Significant data fiduciaries must also appoint a data protection officer and a data
auditor along with conducting a data protection impact assessment.