Skip to main content

Advertisement

Advertisement

Committee formed to review data security practices across the public sector

SINGAPORE — In the wake of several data-related incidents over the past year, Prime Minister Lee Hsien Loong has formed a committee to conduct a comprehensive review of data security practices across the entire public service.

In the incident involving the Health Science Authority, blood donors had their NRIC, gender, number of blood donations, dates of the last three blood donations, and in some cases, blood type, height and weight, leaked on the Internet for two months until a cyber-security expert found the loophole and informed the authorities on March 13.

In the incident involving the Health Science Authority, blood donors had their NRIC, gender, number of blood donations, dates of the last three blood donations, and in some cases, blood type, height and weight, leaked on the Internet for two months until a cyber-security expert found the loophole and informed the authorities on March 13.

Follow us on Instagram and Tiktok, and join our Telegram channel for the latest updates.

SINGAPORE — In the wake of several data-related incidents over the past year, Prime Minister Lee Hsien Loong has formed a committee to conduct a comprehensive review of data security practices across the entire public service.

In a press release issued on Sunday (March 31), the Prime Minister’s Office (PMO) said that the committee will look at measures and processes related to the collection and protection of citizens’ personal data by public sector agencies, as well as vendors who handle personal data on behalf of the Government.

The committee will recommend technical measures, processes and capabilities to improve the Government’s protection of citizens’ data and its response to incidents.

It will also develop an action plan with immediate steps and long-term measures.

The committee will be chaired by Deputy Prime Minister Teo Chee Hean, who is also the minister-in-charge of public sector data governance.

Other members include ministers involved in the country’s Smart Nation efforts — Dr Vivian Balakrishnan, Mr S Iswaran, Mr Chan Chun Sing and Dr Janil Puthucheary — as well as data security and technology experts from the private sector.

The committee will consult with international experts and industry professionals from the private and public sectors. An inter-agency taskforce, comprising public officers across the whole Government, will support its efforts.

The committee will submit its findings and recommendations to Mr Lee by Nov 30 this year.

While the Government has progressively enhanced security measures to safeguard sensitive data over the years, it acknowledged that recent incidents — such as the HIV data leak and SingHealth cyber attack — have “underlined the urgency to strengthen data security policies and practices in the public sector”.

The security measures included disallowing unauthorised USB storage devices to be used at all public sector agencies in 2017, and cutting off Internet access from public servants’ work computers in 2016.

The Government also stepped up internal IT audits, and introduced measures in 2018 to detect and respond more quickly to cyber threats targeting critical government databases.

“This review will help to ensure that all public sector agencies maintain the highest standards of data governance. This is essential to uphold public confidence and deliver a high quality of public service to our citizens through the use of data,” the PMO added.

DATA INCIDENTS

June to July 2018: Hackers broke into SingHealth's IT systems to steal the personal data of 1.5 million patients, as well as the outpatient medical records of 160,000 of them, including that of Mr Lee. It is considered the most serious breach of personal data in Singapore’s history.

January 2019: American fraudster Mikhy K Farrera-Brochez leaked online the confidential records of 14,200 individuals diagnosed with the human immunodeficiency virus, including those of 5,400 Singaporeans and permanent residents.

February 2019: Human error led to about 7,700 people receiving the wrong healthcare subsidies under the Community Health Assistance Scheme (Chas).

March 2019: A vendor of the HSA compromised the data of more than 800,000 blood donors. In an update on Saturday, it was revealed that the information was illegally accessed and possibly extracted.

Read more of the latest in

Advertisement

Popular

Advertisement

Stay in the know. Anytime. Anywhere.

Subscribe to get daily news updates, insights and must reads delivered straight to your inbox.

By clicking subscribe, I agree for my personal data to be used to send me TODAY newsletters, promotional offers and for research and analysis.