What Are The Learning Points From A Personal Data Protection Breach In An Organization?

        It has been reported on PDPC website that non-profit Company A has been fined a total sum of 14,000 due to hacked databases that were made available for download on hacking forums and Telegram channels.

This fine has been a result of data protection infringements under the Personal Data Protection Act (PDPA) as Company A has failed to implement safety measures to protect personal data of 5,131 members and non-members under the Protection Obligation.

 

The types of data that were affected included information on names, encrypted passwords, e-mail addresses, telephone numbers and birth dates of the users.

 

On January 14^th, PDPC also noted the Company had no written policies and practices and the company did not appoint a data protection officer (DPO).

 

In light with this incident, we would like to share the importance of PDPA and how it can affect your business.

 

Why is PDPA important?

 

All data collected that is identifiable to an individual in which any business handles need to be well protected.

 

With the advancements of technology, this trend has been growing exponentially and are becoming more relevant to business owners.

 

The failure to comply with the Act will result in serious consequences to businesses as seen above.

Why is PDPA important for my business?

 

In today’s digital world, companies are collecting more and more personal data evidently. We collect these data to help us grow our business through digital marketing.

 

With this, it is therefore, important for companies to have in place policies and practices to handle these data asset.

 

More importantly, we should have in place strategies to protect these data.