Wed. Apr 1st, 2020

Organizations Breaching the Data Privacy Protection

2 min read

The number of organizations breaching Singapore’s Personal Data Protection Act (PDPA) has jumped to a new annual high, well before the year is over, based on findings published on Tuesday (Sept 17).

By the end of August, 26 organizations had been fined or warned over PDPA breaches, up from 23 organizations recorded in all of last year.

Fines are also at an all-time high. A total of S$1.28 million in fines has been issued so far this year, most of which came from fines imposed earlier this year because of a major data breach by public healthcare group SingHealth.

The findings were published by the Data Protection Excellence (DPEX) Centre, the research and education arm of data protection software firm Straits Interactive.

The center-based its findings on information found on the website of the Personal Data Protection Commission (PDPC), which is the agency responsible for administering and enforcing the Act.

The study noted that there was, in general, an “upward trend” in the number of organizations involved in enforcement cases. There were a total of 18 cases in 2017, although the 23 cases in 2016 were somewhat higher.

A spokesperson from Straits Interactive said that no figures were available before 2016 because enforcement of the PDPA began only in April 2016. The Act came into force in 2014.

Of the S$1.28 million in fines issued for PDPA breaches so far this year, S$1 million related to the SingHealth data breach.

Singapore companies fined record S$1.28 million for PDPA breaches in 2019 – and most are in finance.

Most data leaks were not due to hacking, but companies failing to meet their obligations, a report by the Data Protection Excellence (DPEX) Centre found.

The top 3 industries with PDPA breaches are finance, retail, and non-profits. 2019 isn’t even over, but a record number of companies here have already been slapped with fines for being careless with consumers’ personal data.

Even worse, more are expected to do the same before the year ends, according to findings from the Data Protection Excellence (DPEX) Centre published on Tuesday (Sept 17).

Leave a Reply

Your email address will not be published. Required fields are marked *