SINGAPORE
A suite of new security measures to safeguard citizens’ personal data are to be adopted in Singapore after a spate of breaches in the past year.
A spokesperson from the Smart Nation and Digital Government Office said the measures, some of which were already in place, aimed to make databases unusable if information had been wrongfully extracted from them, would detect unusual data transmissions and limit users’ access rights.
“Sensitive files have to be encrypted, and highly sensitive attributes of individuals, such as one’s HIV status, are to be hidden away in a separate system with tighter controls,” the spokesperson said.
“The personal information of Ministers and other important people will also be kept in separate systems with more stringent protection.”
The technical measures are the first of more to come from a new Public Sector Data Security Review Committee, which was convened by Prime Minister, Lee Hsien Loong in April.
The Committee conducted a Government-wide stocktake of how data was managed at five key Agencies that handled the medical and financial data of citizens.
The spokesperson said the measures conformed to a common definition of what was entailed for sensitive information as outlined in the new Information Sensitivity Framework, and would replace the current practices by Agencies, many of which devised the practices themselves.
“More measures, including ways to better manage third-party vendors and train Public Servants on data security practices to prepare Singapore for a safer digital future, will be revealed later and will be included in the Committee’s final report due in November,” the spokesperson said.
“These include measures to better ensure high data protection standards by third parties that handle Government data.”
Singapore, 16 July 2019
