On January 25, 2017, the PDPC ruled that a real estate agency failed to make reasonable security arrangements to prevent the unauthorized access of personal data stored online, and failed to cease storing documents containing personal data on its system until a security scan had been conducted. The Commission imposed a financial penalty of S$10,000 for violating the Personal Data Protection Act of 2012.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.