Safeguarding Your Business & Data
DATA BREACHES – Not If, But When
Since 2015, more than 28,600 complaints have been made against various organizations in Singapore to the Personal Data Protection Commission (PDPC).
A data breach exposes personal data in an organization’s possession or under its control to unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. With the recent enhancement of the Personal Data Protection Act (PDPA) in 2021, the maximum financial penalty for organizations that violate the PDPA has been increased to 10% of annual gross turnover in Singapore or S$1 million, whichever is higher.
Having a Data Protection Programme in place not only enables an organization to respond swiftly in managing any data breaches, it also establishes a robust data protection infrastructure. This provides confidence to stakeholders and fosters high trust relationships with customers and business partners.
Is your organization
at risk?
There has been a noticeable increase in global data breaches. In recent years, both Multinational Corporations (MNCs) and Small and Medium Enterprises (SMEs) in Singapore have experienced such breaches.
We are pleased to have the opportunity to speak with Eugene, our Group Data Protection Officer at the Elitez Group of Companies, to delve deeper into this issue. Eugene will provide insights into his role and share his personal experiences in navigating the challenges of data protection.
About Elitez
Data Protection
We are dedicated to helping our clients develop their own data protection capability through consultancy and training.
Whether your organization is just starting out on its data protection journey or preparing for the Data Protection Trustmark (DPTM) certification, we can guide you every step along the way.
We offer a free no-obligation consultation to share how we can help your organization comply with the PDPA.
Build Up Your Data Protection Capability
In today's digital age, where data is the lifeblood of many organizations, building a strong data protection capability is no longer optional, it's essential.
This translates to safeguarding customer information, employee records, and internal data from unauthorized access, breaches, or misuse. A robust Data Protection Programme fosters trust with stakeholders, demonstrating your organization's commitment to responsible data handling. This not only mitigates legal risks and potential fines, but also enhances your organization's reputation, attracting and retaining clients and customers who value privacy.
By prioritizing data protection, your organization gains a competitive advantage, positioning itself as a trustworthy and security-conscious organization, and foster stronger relationships with its stakeholders.
Our Services
We help your organization to build up its capability to develop, govern, and manage its personal data and achieve compliance with the PDPA. Our Data Protection Programmes cover the 4 areas below:
-
Accountability
-
Demonstrate responsibility through proper management and protection of personal data.
-
-
Collection of Personal Data
-
Notify individuals of the purposes for collecting, using and disclosing their personal data.
-
Collect, use or disclose personal data for purposes which individuals have given consent to. Also allow them to withdraw their consent with reasonable notice.
-
Collect, use or disclose personal data for purposes that a reasonable person would consider appropriate under given circumstances, and for which the individual has given consent to.
-
-
Care of Personal Data
-
Ensure that the personal data collected is accurate and complete, especially if it is likely to be used to make a decision that affects the individual or to be disclosed to another organization.
-
Make reasonable security arrangements to protect the personal data in your possession to prevent unauthorized access, collection, use, disclosure or similar risks.
-
Stop keeping personal data or dispose of it properly when it is no longer needed for any business or legal purpose.
-
Transfer personal data overseas according to the requirements prescribed under the regulations, to ensure that the standard of protection is comparable to the protection under the PDPA.
-
-
Individual’s Autonomy over Personal Data
-
Upon request, provide individuals with access to their personal data and information on how it was used or disclosed within a year, and correct any error or omission where required.
-
If there is a data breach and likely results in significant harm to individuals, and/or are of significant scale, notify the PDPC and affected individuals as soon as practicable.
-
Overview of Our Services
Basic Data Protection Programme (BDPP)
-
Suitable for organizations just starting out in their data protection journey
-
Put in place basic data protection policies and processes, covering 20 controls
-
Includes complimentary 'Fundamentals of the Personal Data Protection Act (2020)' course (worth $763) for 1 staff
Advanced Data Protection Programme (ADPP)
-
Suitable for organizations looking to improve their existing data protection capability
-
Put in place comprehensive data protection policies and processes, covering 44 controls
-
Includes complimentary 'Fundamentals of the Personal Data Protection Act (2020)' course (worth $1,526) for 2 staff
Data Protection Retainer Service (applicable after completing BDPP or ADPP)
-
Carry out 1 annual review of data protection policies
-
Conduct 1 table-top exercise to test the data breach response plan
-
Provide 1 refresher training for key staff on data protection awareness
DPTM Consultancy Service
-
Ideal for organizations interested to achieve DPTM certification
-
Implementation of policies, processes and training to achieve DPTM certification requirements
-
Preparation of necessary documentation
-
Provide support during Stage 1 and Stage 2 audits
-
Includes complimentary 'Fundamentals of the Personal Data Protection Act (2020)' course (worth $3,052) for 4 staff
Get In Touch
Reach out to us for a free no-obligation discussion today
2 Kallang Avenue CT Hub
#03-08 Singapore 339407
+65 6602 8282
