Data Breaches Key Learning Points

Posted  November 01, 2019  by  Jenny Green


Organisations have a duty to abide by the Personal Data Protection Act (PDPA), to keep all data collected safe and secure. Data breaches can still occur, despite efforts.  made which bring to mind important learning points for organisations to better improve their data protection practices.
 
Data breaches can happen to any organisation
 
According to an article on The Straits Times, 29 organisations have been fined and warned for breaching laws in the PDPA this year, and the amount of fines issued has exceeded  $1.29 million[1].
 
One of the most significant data breaches in Singapore would be the SingHealth data breach. Hackers broke into SingHealth’s database and stole personal data from more than 1.5 million patients, including Prime Minister Lee Hsien Loong’s data. This resulted in a $750,000 fine for the IT agency which manages Singapore’s healthcare sector, Integrated Health Information Systems, and a $250,000 fine for SingHealth.
 
Other organisations that have faced data breaches in 2019 included Horizon Fast Ferry, K Box Entertainment Group and DS Human Resource. These data breaches show that even some of the largest organisations with the most advanced high tech systems and equipment could face a data breach. A key takeaway would be that it is important for organisations to have measures in place to protect both the organisation’s and consumers' data to prevent such breaches from occurring.
 
Data breaches can occur anytime to both digital and physical data. They can be caused by carelessness, a lack of data protection practices in the company, or hacking from an internal or external party. This can lead to horrible consequences for both the organisation and its consumers. For organisations, it leads to fines and a poor reputation. For consumers, it leads to their personal data being compromised.
 
Preventing data breaches
 
A holistic approach should be taken when it comes to data protection and data breach prevention. It’s not only digital data and cyber security that needs to be improved on, but the security of physical data as well.
 
Ways in which organisations could reduce the chances of a data breach include appointing a Data Protection Officer (DPO), secure shredding of documents,  developing a data security plan for the organisation, regularly educating employees on strong data protection habits and properly disposing sensitive documents.
 
To help organisations improve their data protection measures, Shred-it encourages both organisations and individuals to have a clean desk policy, a Shred-it All policy, and proper hard drive disposal to safeguard organisational data.
 
Start protecting your business
 
An organisation that integrates data protection into its business processes can reduce any data breach risk and PDPA non-compliance. Learn more about how Shred-it can protect your documents and hard-drives by contacting us for a free quote and security risk assessment.
 
[1] The Straits Times. 2019. Data privacy breaches: Fines hit new annual high. [ONLINE] Available at: https://www.straitstimes.com/tech/data-privacy-breaches-fines-hit-new-annual-high. [Accessed 12 October 2019].

Request a Quote and Start Protecting Your Business Today!

Fill out the form or call 6787 7777 to start protecting your business today! 

Select Service




Company info

Your info

Additional Info

×