Singapore data protection compliance 13 September 2012.

Slides:

Advertisements

Similar presentations

VOLUNTARY PRINCIPLES ON SECURITY & HUMAN RIGHTS. What are the Voluntary Principles? Tripartite, multi-stakeholder initiative Initiated in 2000 by UK Foreign.

Advertisements

Identifying Data Protection Issues Developing Lifelong Learner Record Systems and ePortfolios in FE and HE: Planning for, and Coping with, Legal Issues.

Presentation to the Association of Municipal Administrators of New Brunswick 2013 Annual Conference Shediac, NB – June 14, 2013.

Freedom of Information Act 2000 and the PCT Audit Procedure Background: The Act was passed in November The Act will be fully in force by January.

Department of Arts and Culture Briefing on the Use of Official Languages Bill to the Select Committee on Education and Recreation Date:15 August 2012.

The International Security Standard

Article XXXVI – Signature, ratification, acceptance, approval or accession 1. – This Protocol shall be open for signature in Berlin on 9 March 2012 by.

Presentation of the ECB Framework Regulation Organisational aspects

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

PIPA PRESENTATION PERSONAL INFORMATION PROTECTION ACT.

The Data Protection (Jersey) Law 2005.

September 14, U.S.C. 103(c) as Amended by the Cooperative Research and Technology Enhancement (CREATE) Act (Public Law ) Enacted December.

6/1/2015MINISTRY OF ENERGY, COMMUNICATIONS AND MULTIMEDIA 1 PRESENTATION OF PERSONAL DATA PROTECTION BILL PRESENTATION OF PERSONAL DATA PROTECTION BILL.

Hong Kong Privacy Code on Human Resource Management

Data Protection and Records Management

Managing Personal Information - Australian Companies Outsourcing to India and the Philippines Professor Margaret Jackson and Marita Shelly.

Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.

The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

The ICO and the DPA Ken Macdonald Assistant Commissioner Information Commissioner’s Office ScotStat Public Sector Analysts Network 30 th September 2010.

Tina Kraigher and Milena Podjed-Fabjančič 18 April 2010 Processing of Telephone Traffic Data of Employees ( a Case Study )

13 July 2006Susan Joseph Health Privacy It’s My Business Health Records Act 2001 (Vic) eReferral Service Co-ordination System.

1 driven by knowledge and experience 1 CHARITIES ACT 2009 ELECTORAL ACTS 1997 – 2002 PRESENTATION BY JOE O’MALLEY Partner At OPEN on 29 June 2011.

Privacy Law for Network Administrators Steven Penney Faculty of Law University of New Brunswick.

NEBOSH LEVEL 6 NATIONAL DIPLOMA MODULE A: MANAGEMENT OF HS LESSON 9 : CRIMINAL LAW Part One: HASAWA 1974.

Highlights of Limited Liability Partnership Bill, 2008 By: Ankesh Gupta.

Part 6 – Special Legal Rights and Relationships Chapter 35 – Privacy Law Prepared by Michael Bozzo, Mohawk College © 2015 McGraw-Hill Ryerson Limited 34-1.

Implementation of EU Electronic Communication Directives.

HIPAA Michigan Cancer Registrars Association 2005 Annual Educational Conference Sandy Routhier.

ABR224 Lecture 3 EEA. DUTIES OF DESIGNATED EMPLOYER [Sect. 13]  1) Consultation with Employees:  In order to ensure consensus regarding the implementation.

Lecture 4. OUTCOMES What must the equity plan include?. What must affirmative action measures include? Which factors are taken into account in determining.

Medical Law and Ethics, Third Edition Bonnie F. Fremgen Copyright ©2009 by Pearson Education, Inc. Upper Saddle River, New Jersey All rights reserved.

Greater Toronto Hockey League The Implementation of PIPEDA and Amateur Sports – A Case Study.

Capital Markets Authority September 20, 2013 Turkish-Arab Capital Markets Forum 1.

The Data Protection Act [1998]

Data Protection and Records Management. Key Responsibilities - Record Management Keep Information Accurate Disclose only if compatible with purpose for.

BC Public Libraries November, 2008 Privacy Principles.

EU Legislation Rob Schnepper April 2003 Riga, Latvia.

STUDENT JUDICIAL AFFAIRS Balancing the Principals of Natural Justice with Requirements of Privacy Legislation CCSJA March 23, 2006 Harry Davis Deborah.

OHS Seminar DO THE TIME – avoid the crime! Miles Crawley 8 June 2007.

DRAFT Proposed Sexual Harassment Policy Office of General Counsel Southern Illinois University September 2008.

The new UK competition regime Howard Cartlidge. Cookie Amnesty ends September/ October April 2014 May 2015 What’s on the horizon?

Malcolm Crompton APEC Information Privacy Framework: review, impact, & progress APEC Symposium on Information Privacy Protection in E Government & E Commerce.

INTRODUCTION TO DATA PROTECTION An overview of the Irish Data Protection legislation.

An Introduction to the Privacy Act Privacy Act 1993 Promotes and protects individual privacy Is concerned with the privacy of information about people.

Data Protection in a Workplace Context. Layout of Presentation Background to Data Protection Role of Data Protection Commissioner Principles of Data Protection.

BRIEFING ON FREEDOM OF INFORMATION FOI COALITION FOR GOOD GOVERNANCE (CGG) 7 OCTOBER 2009.

India Data Privacy Law – Its impact on Business Ecosystem Shivaji Rao, Regional General Counsel, Asia PAC and Sub-Saharan Africa, John Deere.

Implementing the New EU General Data Protection Regulation Conference 2016 Preparing for a DP audit Ashley Roughton Nabarro LLP.

Technical Assistance Office TCP Projects 2005 Contractual and Financial Management Administrative and Financial Handbook Prepared by IA, 14/12/2001 SOCRATES.

1. TEMPUS PROGRAMME PROJECT REPRESENTATIVES’ MEETING Brussels, March 2010 Management of the Grant Agreement.

Finance Directors Business Strategy Meeting 2003 Berkeley Court Hotel 18 February 2003.

Information Security TechLink Seminar, 17 April 2013 James Knapton, Information Compliance Officer, Registrary’s Office.

Introduction to the Australian Privacy Principles & the OAIC’s regulatory approach Privacy Awareness Week 2016.

Collaborative Working & Best Practice A Seminar by the Public Services Ombudsman for Wales.

Data protection—training materials [Name and details of speaker]

Key Points for a Privacy Programme for Multinationals Steve Coope.

1 The balance between access to public information and personal data protection: The German Experience Sven Hermerschmidt, Office of the Federal Commissioner.

What is HIPAA? Health Insurance Portability and Accountability Act of HIPAA is a major law primarily concentrating on the prolongation of health.

Understanding Privacy An Overview of our Responsibilities.

General Data Protection Regulation (EU 2016/679)

Nassau Association of School Technologists

Accountability & Structured Privacy Management

Privacy principles Individual written policies

New challenges for archives in Iceland

General Data Protection Regulations: what you really need to know

General Data Protection Regulation

On the Cutting Edge – Update on Privacy Legislation

Overview of the recommendations regarding approximation of the Law on personal data protection to the new EU General data protection regulation Valerija.

Getting Ready For GDPR Simon Marks Director

Presentation transcript:

Singapore data protection compliance 13 September 2012

Singapore Personal Data Protection Bill Where are we? Revised bill published 10 Sept First reading in Parliament 11 Sept Expected to become law before end 2012 s68 transitional provisions – up to 2 years for sunrise (18 months proposed) Why? Not driven by human rights (cf EU DP Law - Art 8 ECHR) Primary reason international competitiveness Need for ‘equivalency’ for art 27 transfers Plus some populist consumer protection measures: DNC

The basics (s3) “collection, use and disclosure” key actions regulated by Act extra-territorial ‘link’ in prior draft now removed “organisation responsible for personal data under its possession or control” s11(2) “by organisation” entities formed or recognised by Singapore law; or Resident, having office or place of business in Singapore “of personal data” data about an individual who can be identified from that data from that data and other data available to organisation nb business contact exclusion

Express obligations (s12) Organisations shall: (a)develop and implement policies and practices that are necessary for the organisation to meet the obligations of the organisation under this Act; (b)develop a process to receive and respond to complaints that may arise with respect to the application of this Act; (c)communicate to its staff information about the organisation’s policies and practices referred to in paragraph (a); and (d)make information available on request about (i)the policies and practices referred to in paragraph (a); (ii)the complaint process referred to in paragraph (b). Designate individuals to be responsible for compliance - s 11(3)

“Collection, use and disclosure” Collection Consent: express and ‘deemed’ (Part IV, Div 1) Use Purpose: reasonable and communicated (Part IV, Div 2) Individual access and correction (Part IV, Div 3) Ensure accuracy (s23) Protection: “reasonable security arrangements” (s24) Not retained longer than necessary (s25) Disclosure Not transferred outside Singapore unless ‘comparable protection’ (s26) More detail to follow. We expect outcome to be same as EU list. Otherwise Singapore won’t qualify for transfers from EU!

Other provisions Officers of body corporate may be personally liable (s52) Vicarious liability of employers (s53) Fines $10,000, plus $1,000 per day. Imprisonment up to 3 years (s56) Data protection commission and admin body set up (Part II) Enforcement (Part VII) ADR may be used for individual complaints Commission directions, may be enforced in court Right of private action Appeal process (Part VIII) Do not call registry (Part IX) Specific rules for telemarketing Calls and texts Power of Commission to investigate (s50 and Schedule 9)

Ensuring compliance

Keep it simple Audit and analysis Recommendations Documents Process changes Training

Don’t panic! For more information please contact: Rob Bratby