Public Sector Data Security Review Committee appointed in Singapore
Singapore Prime Minister Lee Hsien Loong recently announced the appointment of a Public Sector Data Security Review Committee to conduct a comprehensive review of data security practices across the entire public service.
The committee will look at measures and processes related to the collection and protection of citizens’ personal data by public sector agencies, as well as by vendors who handle personal data on behalf of the government, according to a statement issued on March 31 by the Prime Minister’s Office (PMO).
Deputy Prime Minister and Coordinating Minister for National Security Mr Teo Chee Hean will be the chair for the committee, which also includes private sector representatives with expertise in data security and technology. Ministers involved in Singapore’s Smart Nation efforts – Dr Vivian Balakrishnan, Mr S Iswaran, Mr Chan Chun Sing, and Dr Janil Puthucheary – will also be part of the committee.
The committee will review how the government is securing and protecting citizens’ data from end to end, including the role of vendors and other authorised third parties. It will also recommend technical measures, processes and capabilities to improve the government’s protection of citizens’ data, and response to incidents. An action plan of immediate steps and longer term measures to implement the recommendations will be developed as well.
International experts and industry professionals, from both the private and public sectors, will also be consulted by the committee, and an inter-agency taskforce formed by public officers across the entire public sector will support the committee.
Although security measures such as the Internet Surfing Separation policy in 2016 and the disabling of USB ports from being accessed by unauthorised devices in 2017 have been implemented across the public sector to safeguard sensitive data, the PMO said that the review is “essential to uphold public confidence and deliver a high quality of public service to our citizens through the use of data.”
The Public Sector Data Security Review Committee was appointed in light of a series of four data-related incidents that occurred to the Health Ministry in the past 10 months. Notably, the Health Sciences Authority (HSA) also said in a statement on March 30 that one of its vendors, Secur Solutions Group (SSG), reported that there was more unauthorised access to the personal information of 800,000 blood donors as previously reported. The data was uploaded online and left unsecured over a period of two months.
The Committee will submit its findings and recommendations to the Prime Minister by November 30 2019.