■ ■ Observe and enforce. In April 2016, Singapore revised its Personal
Data Protection Act (PDPA) to provide a broader spectrum of
powers for regulators to investigate data privacy violations.
■ ■ Regionalreputation. While the size of the fines for non-compliance is relatively tame
in comparison to countries in the European Union or the United States, the real cost
of an investigation comes in the form of highly negative publicity in the region.
■ ■ Avoid being a target. Organizations operating in Singapore should
conduct regular privacy and security assessments to ensure
they are in compliance with data privacy regulations.
■ ■ Teach to triage. Training employees to detect issues and prevent serious security
incidents is an effective way to mitigate the risk of a data security violation.
By Daniel Wang and David Chen
Over the past decade, there has been an explosion of
new data privacy laws in Asia. While certain countries
like Malaysia do not actively police their own privacy
laws, a number of others, including Singapore, have
substantially increased enforcement actions.