Jurisdiction - Singapore
Reports and Analysis
Singapore – Guide To Managing Data Breaches.

11 May 2015

 

 
Introduction
 
The Personal Data Protection Commission (“PDPC”) in conjunction with the newly formed Cyber Security Agency (“CSA”) has issued a guide on how to help organisations manage personal data breaches effectively on 8 May 2015 (“Data Breach Guide”).1
 
The Data Breach Guide outlines how organisations should respond in the event of a data breach involving Personal Data.
 
Overview Of Contents
 
The steps to take involve having in place a data breach management and response plan that can be implemented immediately that would cover:
 
  • Steps to Contain the Breach
  • Assessing Risks and the Impact
  • Reporting the Incident
 
In the aftermath of a data breach, the Data Breach Guide provides useful suggestions and guidelines, in respect of the reporting of the incident, on:
 
  • Contents of the notification of the data breach
  • Parties who should be notified
  • How and when the notification should be made
 
Comment
 
It is most pertinent to note that the Data Breach Guide has stated that “Organisations are advised to notify PDPC as soon as possible of any data breaches that might cause public concern or where there is a risk of harm to a group of affected individuals”. This seems to be the clearest indication, thus far, that the personal data protection landscape in Singapore may be evolving towards a breach notification system.
 
The Data Breach Guide appears to place much emphasis on the reporting of a data breach incident, but it is important for organsations to be mindful that data breach management has to be viewed and acted upon on multiple dimensions. Apart from regulatory compliance obligations, organisations must take into account the management of existing legal relationships with customers, vendors and insurers, business continuity plans and reputation issues.
 
End Notes:
 
1 https://www.pdpc.gov.sg/docs/default-source/publications-edu-materials/guide-to-managing-data-breaches-v1-0-(080515).pdf?sfvrsn=2
RHTLTWlogo+slogan-RGB 
For further information, please contact:

 

Rizwi Wun, Partner, RHTLaw Taylor Wessing

rizwi.wun@rhtlawtaylorwessing.com

 

Jack Ow, RHTLaw Taylor Wessing

jack.ow@rhtlawtaylorwessing.com
 

RHTLaw Taylor Wessing TMT Practice Profile in Singapore

 

Homegrown TMT Firms in Singapore

Comments are closed.