TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

Asia Pacific Dashboard Digest | Notes from the iappANZ, 3 August 2018 Related reading: Roundup: Canada, Russia, US and more


Greetings, fellow privacy professionals.

For those of you who made it to the Asia Privacy Forum held in Singapore last week, thank you, and I trust you found the conference and networking sessions invaluable and fruitful. For the rest, sorry that you missed out on a number of insightful and thought-provoking presentations and panels!

In his keynote address at the forum, Commissioner of the Singapore Personal Data Protection Commission Tan Kiat How spoke on a number of important developments impacting the privacy ecosystem in Singapore. Besides highlighting the initiatives relating to AI and data governance covered in my notes a couple of weeks back, the commissioner also discussed the PDPC’s intention to leverage the government’s Open Innovation Platform to create crowdsourced, open-source data protection tools that could, for example, be made available to assist local companies in performing DPIAs. This struck me as an interesting initiative, and it is a great example of how the PDPC is setting itself apart as a progressive and caring regulator.

Another theme that was mentioned in Commissioner Tan’s speech and repeated by the Minister of Communications and Information S. Iswaran, in his opening address for the PDPC’s 2018 Personal Data Protection Seminar held one day after the Asia Privacy Forum, is the importance of ensuring that there is an adequate pipeline of competent privacy professionals to guide organizations in achieving operational compliance and demonstrating accountability. In this regard, the Data Protection Excellence Centre established by IAPP’s official training partner Straits Interactive in collaboration with the Singapore Management University Academy has introduced two new advanced certificates in data protection principles and operational requirements, leading to an Advanced Diploma in Data Protection. Credits for the advanced certificates can be accumulated in a modular fashion, and many readers will be happy to note that module exemptions will be granted for IAPP members with CIPP/A, CIPP/E, CIPM or CIPT certification. A Professional Conversion Programme has also been launched with the support of Workforce Singapore and SkillsFuture Singapore to provide skills conversion for PMETs interested in being trained and placed into the role of a data protection officer.

Minister Iswaran also announced the launch of the pilot for the Data Protection Trust Mark certification scheme. Three independent assessment bodies have already been appointed to assess if applicants have data protection practices aligned to DPTM certification requirements developed by the PDPC. Eight organizations have applied to be in the initial batch of companies in the pilot programme, and other organizations interested in joining the pilot can register by 30 Sept.

It has taken me a tremendous amount of self-restraint to avoid bringing up the one topic that was discussed ad nauseam during those couple of days and has continued to dominate headlines in Singapore until now: the elephant in the room that is, of course, the SingHealth data breach. Suffice to say that the contagion appears to have spread beyond our sunny shores to Australia, with increased scrutiny on the My Health Record system and the private health sector being singled out as having the highest number of breaches by the Office of the Australian Information Commissioner.

With that said, I hope you enjoy the articles in the Dashboard Digest and the weekend ahead.


If you want to comment on this post, you need to login.