Review your content’s performance and reach.
Become your target audience’s go-to resource for today’s hottest topics.
Understand your clients’ strategies and the most pressing issues they are facing.
Keep a step ahead of your key competitors and benchmark against them.
add to folder:
Questions? Please contact [email protected]
In brief
The Personal Data Protection Commission (PDPC) recently released the following new guidance:
Businesses should take steps to consider how to integrate the PDPC's Guide, Handbook and Checklists in practice, e.g., implementation of an internal FAQ for employees and implementation of internal policies for the app developer/engineering team.
Recommended actions
All organisations are required under the Personal Data Protection Act 2012 to safeguard personal data that it possesses or has under its control.
To achieve this safeguard, and to ensure robust and resilient ICT systems, organisations should:
In more detail: the Guide, Handbook and Checklists
To allow easy reference by ICT personnel in an organisation, as well as its vendors, the latest Guide groups data protection practices for ICT systems into three main sections and recommends the basic and enhanced ICT practices that organisations can put in place to support each stage of the data lifecycle:
The Guide also provides a checklist of good practices that organisations should include in the development of their data breach management plan.
The Handbook identifies the following five most common gaps in ICT system management and processes based on case studies, with corresponding ICT preventative good practices:
The Checklists complement the Handbook, and aim to help organisations:
Organisations that handle personal data (e.g., names and email addresses) for generic communication purposes such as direct marketing or customer support should adopt the recommended basic practices. Where organisations hold large quantities of different types of personal data or data that might be more sensitive in nature to the individuals or the organisations, the PDPC expects these organisations to implement the relevant enhanced practices suggested in each section additionally.

Content is provided for educational and informational purposes only and is not intended and should not be construed as legal advice. This may qualify as "Attorney Advertising" requiring notice in some jurisdictions. Prior results do not guarantee similar outcomes. For more information, please visit:
add to folder:
If you would like to learn how Lexology can drive your content marketing strategy forward, please email [email protected].
"I love the service. It’s a terrific time saver, very practical, very relevant, and very up-to-date. The best new legal resource I’ve come across in a long time. And free to boot! Please keep providing it."
© Copyright 2006 – 2021 Law Business Research