Singapore’s public agencies will access data breaches on a case-by-case basis
Dr Janil Puthucheary, a senior minister of state for communications and information and transport, states that there’s a need to look at every case, a need to look at the issue at hand as to what has been accessed, what are the circumstances and the potential impact it may have on the affected citizen involved.
Some Members of Parliament have expressed their concerned and raised questions on whether affected citizens have the right to know, and in a timely manner, if their data is compromised while in the care of public agencies. As of right now, there is no mandatory reporting requirement, only general guidelines on how citizens should be approached, but each case will be analysed on its own and all relevant factors will be taken into account.
The government has increased the number and types of internal IT audits as a measures implemented to protect information, but should citizens suspect that their data have been misused or hacked, they can complain to GovTech or make a police report if a crime is suspected.
Dr Bostjan Makarovic, Aphaia Managing Partner, “Singapore has so far not been endorsed by the European Commission as a jurisdiction that has a comparable level of protection of personal data to GDPR but that could change in the future.”