Parliament Sitting on 6 August 2018

QUESTION FOR WRITTEN ANSWER


*2121. Mr Melvin Yong Yik Chye: To ask the Minister for Communications and Information (a) what is the projected number of Data Protection Officers (DPO) needed in Singapore for the next five years; (b) what is the current shortfall; and (c) what is the Ministry's plan to train and deploy more DPOs.

Answer: 

Mr Speaker, it is mandatory under the Personal Data Protection Act, or PDPA, for all private-sector organisations to designate one or more individuals as a Data Protection Officer, or DPO. The DPO is responsible for ensuring that the organisation complies with the PDPA.

2 According to a 2018 survey commissioned by the Personal Data Protection Commission, or PDPC, close to 60% of private sector organisations in Singapore have appointed at least one DPO. This represents a six percentage point increase from the previous year. PDPC is studying this issue closely, with a view to increasing both the numbers and capabilities of DPOs.  

3 There are two parts to my Ministry and PDPC’s plan to train and deploy more DPOs. Firstly, we are developing and supporting training programmes for DPOs. For example, since 2014, PDPC has developed an e-learning programme for DPOs to learn about the fundamentals of the PDPA.

4 PDPC is supplementing this by rolling out more advanced training programmes to enhance DPOs’ skills. These include the Professional Conversion Programme for DPOs, which started last month, and the Practitioner Certificate for Personal Data Protection Preparatory Course, which starts in October this year. In addition, PDPC has supported the development of personal data protection-related courses to be taught at the National University of Singapore and Singapore Management University starting this academic year, through which graduates can attain professional, internationally recognised certification.

5 The second part of our strategy is to foster a collaborative environment where DPOs can learn best practices. PDPC is making Singapore a training hub for data protection professionals in the region by anchoring data protection-related events here, such as the annual Personal Data Protection Seminar hosted by PDPC. PDPC is also encouraging the formation of more communities of practice, such as AsiaDPO and the Law Society’s Cybersecurity and Data Protection Committee.

6 While we continue to grow and deepen the pool of DPOs, organisations must also do their part by appointing and supporting their DPOs. By doing so, organisations will not just comply with the PDPA, but more importantly, build consumer trust in their ability to use and safeguard personal data responsibly. 

 
Minister For Communications And Information Directs POFMA Office To Issue Disabling Order Press Releases Infocomm Media 17 Feb 20
“States Times Review Facebook Page” Declared as a Declared Online Location Under POFMA Press Releases Infocomm Media 15 Feb 20
MCI's response to PQ on the work of the Advisory Council on the Ethical Use of AI and Data Parliament QAs Personal Data 03 Feb 20
Lifting of Temporary Exemptions from General Correction Directions Press Releases Infocomm Media 30 Jan 20
MCI directs IMDA to issue Access Blocking Orders Press Releases Infocomm Media 23 Jan 20
Remarks by Mr S Iswaran, Minister for Communications and Information, at the International Chamber of Commerce "Taking Trade Digital" Forum on 22 Jan 2020 Speeches Infocomm Media 22 Jan 20