Work Colleagues

Safeguarding Your Business & Data

 
Image by Clint Patterson

DATA BREACHES – Not If, But When

Since 2015, more than 28,600 complaints have been made against various organisations in Singapore to the Personal Data Protection Commission (PDPC).

A data breach exposes personal data in an organisation’s possession or under its control to unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. With the recent enhancement of the Personal Data Protection Act (PDPA) in 2021, the maximum financial penalty for organisations that violate the PDPA has been increased to 10% of annual gross turnover in Singapore or S$1 million, whichever is higher.

Having a Data Protection Management Program in place not only enables an organisation to respond swiftly in managing any data breaches, it also establishes a robust data protection infrastructure. This provides confidence to stakeholders and fosters high trust relationships with customers and business partners.

 
Prolifics-PRO-11-Custom-Visuals-DP-enterprise-R1-20-0617.jpg

About Elitez
Data Protection

Elitez Data Protection makes it easy for SMEs to outsource their data protection functions by providing SMEs with basic data protection practices to foster consumer trust. We support SMEs in strengthening their data protection capabilities and confidence to use data to maximise business value.

 

Talk to us today for a no-obligation discussion to find out how we can help your organisation comply with the PDPA.

 

Outsource Your Data Protection Functions To Us

Outsourcing your data protection functions is simple and straightforward to do. It also means your organisation doesn't need to divert existing staff members away from their core responsibilities. Outsourcing your data protection functions enables your organisation to:

  • improve cost efficiency

  • minimise liability and risks

  • maximise productivity

 

Our Data Protection Management Programme helps an organisation build up basic data protection capabilities to demonstrate accountability and compliance with the PDPA. It covers management policies and processes for the handling of personal data as well as defines roles and responsibilities of the staff in the organisation in relation to personal data protection.

 

The Data Protection Management Programme comprises of:

  • a one-time setup service for basic data protection practices (inclusive of a 6-month review) and;

  • a 1-year annual retainer service (commences after completion of one-time setup service) consisting of bi-annual review and refresher on policies, incident management and data protection practices.

The one-time setup service includes:

Business Plan

Data Protection Management

  • Appoint a DPO and business contact information on ACRA

  • Identify risks and gaps using PDPA Assessment Tool for Organisations (PATO)

  • Document data assets and flows using a Data Inventory Map (DIM)

  • Establish Physical, Technical and Administrative measures for data protection

  • Establish a structure for reporting and assessing personal data risks 

  • Develop a Personal Data Protection Policy (PDPP) for internal stakeholders

  • Develop a Personal Data Privacy Notice (PDPN) for external parties

  • Develop a complaint handling procedure regarding personal data issues

Business Meeting

Data Breach Management

  • Establish a data breach management team

  • Develop a complaint handling procedure regarding data breach

  • Develop an action plan for data breach response

Image by Mimi Thian

Staff Training Management

  • Develop a training and communications plan for all staff

  • Monitor all staff to complete the PDPC E-Learning Programme

  • Identify key personnel to attend further training in data protection

 
 

Get In Touch

Reach out to us for a no-obligation discussion today.

2 Kallang Avenue CT Hub
#03-08 Singapore 339407

+65 6602 8282

Thanks for submitting!

Image by Christin Hume