On 22 May 2019, the Personal Data Protection Commission ("PDPC") launched a guide titled "Guide to Managing Data Breaches 2.0" (the "Guide") that refreshes an earlier guide on the topic that was published in 2015.
The refreshed Guide retains some of the best practices for managing data breaches in the earlier guide and provides some additional colour. In particular, more details on whether, when and how to report data breaches have been added in light of proposed changes to the Personal Data Protection Act (the "PDPA") to introduce a mandatory breach notification requirement.
A summary of the PDPC's refreshed four step data breach management plan and the updated breach reporting section is provided below.
For more information, you can download the full alert here