Ensuring protection of personal data

THE Government takes the protection of personal data very seriously ("1,900 pupils' personal data leaked by accident"; last Tuesday).

Public agencies must comply with the Government's internal data protection rules. They must put in place systems to protect all data - including personal data - in their possession, and protect data against unauthorised access and disclosure, whether accidental or intentional.

Officers who violate government policies and regulations on data protection may be subjected to disciplinary proceedings. Similar obligations are imposed on private organisations, through the Personal Data Protection Act 2012 (PDPA), although data protection breaches are enforceable only against the corporate entity.

In the case mentioned, the Ministry of Education's (MOE) investigation has revealed that human error was the cause of the leak. The school has apologised for the accidental release of personal data.

The MOE will be conducting a review of all government schools' compliance with the Government's data protection rules, to ensure that proper security safeguards are in place.

It will also continue to educate officers of their responsibilities and the need to exercise great care in safeguarding and handling personal data.

The Government will also review its data protection rules to ensure that personal data is appropriately safeguarded.

This article was first published on Mar 31, 2015.
Get a copy of The Straits Times or go to straitstimes.com for more stories.