The PDPA’s data protection regulations took effect on 2 July 2014, and since then, organizations have been required to name one or more people as PDPA compliance officers. You should designate at least one person as the DPO if your organization manages personal data.