Singapore plans data protection certification

Out-Law News | 15 Mar 2017 | 11:37 am |

Singapore's data protection authority is developing a certification programme for local data protection officers (DPOs).

The Personal Data Protection Commission (PDPC) hopes that the programme will also raise the profile of the role and attract more applicants with an interest in data protection, the Straits Times said.

Tan Kiat How, commissioner of the Personal Data Protection Commission (PDPC) told newspaper: "Certification will accord DPOs with professional recognition and equip them with the skills and knowledge to better carry out their responsibilities."

The PDPC confirmed that "a certification programme to professionalise DPOs" is being developed, and said details will be released "in due course".

Under Singapore's Personal Data Protection Act, which came into effect in July 2014, all organisations must have a DPO in place to safeguard against the wrongful collection, use and disclosure of personal data for marketing. However, a PDPC survey of 1,513 organisations last year found that only about 40% of organisations in Singapore have a DPO on their payroll, the Straits Times said.

In May 2016 the PDPC released details for the first time of the enforcement actions it has taken on data protection cases. The PDPC gave details of nine cases where companies were fined or warned for failure to comply with the data protection provisions of the Personal Data Protection Act (PDPA).