Singapore applies drastic measures to protect personal data
The entire public service of Singapore will have to conform to a common framework to safeguard citizens' personal data, beginning with 13 new measures developed after a spate of breaches in the past year, reported local media.
Illustrative image (Source: .straitstimes.com) |
These digital measures, some of which are being put in place, aim to make databases unusable if information has been wrongfully extracted from them, detect unusual data transmissions and limit users' access rights.
Sensitive files have to be encrypted and highly sensitive attributes of individuals, such as one's HIV status, are to be hidden away in a separate system with tighter controls.
All the 13 measures will eventually be deployed to accord the highest level of protection for the most sensitive information. For instance, the database of patients with infectious diseases and individuals who were bankrupt will have the highest form of protection involving most, if not all, of the 13 measures.
The technical measures announced on 15 July are the first of more to come from a new Public Sector Data Security Review Committee, which was convened by Singaporean Prime Minister Lee Hsien Loong in April this year.
The committee was formed after a spate of cyber-security breaches over the past year, with the latest involving the personal data of more than 800,000 blood donors accessed illegally and uploaded on an unauthorised server for more than two months.
Singapore's worst cyber-attack happened in June last year and involved the database of Singapore's largest public healthcare cluster SingHealth. Hackers made away with the personal data of 1.5 million patients and the outpatient prescription information of 160,000 people, including Prime Minister Lee Hsien Loong.
(Source: VNA)