• Straits Interactive

No surprises - data breach reporting becomes mandatory

By Lyn Boxall, Director, Lyn Boxall LLC

On Thursday 14 May 2020, the Ministry of Communications and Information and the Personal Data Protection Commission of Singapore launched an online public consultation of the Personal Data Protection (Amendment) Bill 2020.

It is no surprise that the amendment bill includes mandatory data breach reporting. The Commission conducted consultations on data breach notification two or three years ago. In the interim it has published guides about managing data breaches and has encouraged organisations to notify it about data breaches that may indicate that a systemic issue is the cause of the breach.

The Commission notes in the Public Consultation Paper that data breach notifications are central to organisations' accountability because they encourage organisations to establish risk-based internal monitoring and reporting systems to detect data incidents. The Commission also expressed the view that, when coupled with breach management plans, data breach notifications are integral to organisations' incident response and remediation.

The Commission said that accountable organisations may also couple breach notification and breach mitigation plans in order to apply for a statutory undertaking. Please see the separate paper about voluntary undertakings for more information on them (also referred to as statutory undertakings).

...continue reading

6 views0 comments
  • Facebook
  • YouTube




43D Beach Road Singapore 189681
Tel: +65 6815 8010
Fax: +65 6717 4885

Tel: + 603 9212 8533

Tel: + 63 91 7515 0369


Tel: +91 99453 74115


Copyright © 20 Straits Interactive Pte Ltd. All rights reserved. 
All third party trademarks (including logos and icons) referenced remain the property of their respective owners.