Personal Data Protection Act 2012 (PDPA): Singapore's primary data protection legislation that includes mandatory data breach notification requirements, guidelines for handling personal data, and requirements for reporting to the Personal Data Protection Commission (PDPC)
Cybersecurity Act 2018: Legislation governing cybersecurity in Singapore, including requirements for Critical Information Infrastructure (CII) owners, incident reporting obligations, and cybersecurity threat management
PDPC's Guide on Managing Data Breaches 2.0: Regulatory guideline providing assessment framework for data breaches, notification thresholds and timelines, and detailed steps for breach management
PDPC's Guide to Data Protection Practices for ICT Systems: Technical guidelines outlining security measures and system protection requirements for ICT systems
MAS Guidelines: Specific regulatory requirements from the Monetary Authority of Singapore for the financial sector regarding data breach notification and security
Healthcare Sector Requirements: Sector-specific regulations for healthcare institutions regarding patient data protection and breach notification
Education Sector Guidelines: Specific requirements for educational institutions handling student data and breach notification procedures
GDPR Compliance Requirements: European Union's General Data Protection Regulation requirements that may apply when dealing with EU residents' data
APEC Cross-Border Privacy Rules: Regional privacy framework for consistent data protection across APEC member economies
ISO/IEC 27001: International standard for information security management systems, providing framework for security policies and procedures
