Cookies on Pinsent Masons website

Our website uses cookies and similar technologies to allow us to promote our services and enhance your browsing experience. If you continue to use our website you agree to our use of cookies.

To understand more about how we use cookies, or for information on how to change your cookie settings, please see our Cookie Policy.

Public sector data security review commissioned in Singapore

A review of data security across public sector organisations in Singapore has been commissioned by the city state's government.02 Apr 2019

Prime minister Lee Hsien Loong has set up a committee to lead the review, which follows on from recent high-profile incidents of data breaches in Singapore's public sector.

In January, the Personal Data Protection Commission (PDPC) served fines totalling SIN$1 million ($739,000) on the body behind the operation of several hospitals and other health institutions in Singapore and the city state's central national IT agency for the public healthcare sector over data security failings that enabled a hacker to access the personal data of nearly 1.5m people.

Later that month, the Ministry of Health (MoH) confirmed that thousands of people diagnosed with HIV, as well as people linked to those individuals, had their details "illegally disclosed online" in a separate incident.

Those incidents have "underlined the urgency to strengthen data security policies and practices" in the sector, the prime minister's office said in a statement. The Public Sector Data Security Review Committee, which will be led by Singapore's deputy prime minister Teo Chee Hean, will scrutinise data security practices "across the entire public service", including the way service providers to the government handle personal data, it said.

"The Committee will: review how the government is securing and protecting citizens’ data from end-to-end, including the role of vendors and other authorised third parties; recommend technical measures, processes and capabilities to improve the government’s protection of citizens’ data, and response to incidents; and develop an action plan of immediate steps and longer term measures to implement the recommendations," the prime minister's office said.

The Committee will submit its recommendations to the prime minister by 30 November this year.