Parliament Sitting on 6 August 2018

QUESTION FOR WRITTEN ANSWER


*2121. Mr Melvin Yong Yik Chye: To ask the Minister for Communications and Information (a) what is the projected number of Data Protection Officers (DPO) needed in Singapore for the next five years; (b) what is the current shortfall; and (c) what is the Ministry's plan to train and deploy more DPOs.

Answer: 

Mr Speaker, it is mandatory under the Personal Data Protection Act, or PDPA, for all private-sector organisations to designate one or more individuals as a Data Protection Officer, or DPO. The DPO is responsible for ensuring that the organisation complies with the PDPA.

2 According to a 2018 survey commissioned by the Personal Data Protection Commission, or PDPC, close to 60% of private sector organisations in Singapore have appointed at least one DPO. This represents a six percentage point increase from the previous year. PDPC is studying this issue closely, with a view to increasing both the numbers and capabilities of DPOs.  

3 There are two parts to my Ministry and PDPC’s plan to train and deploy more DPOs. Firstly, we are developing and supporting training programmes for DPOs. For example, since 2014, PDPC has developed an e-learning programme for DPOs to learn about the fundamentals of the PDPA.

4 PDPC is supplementing this by rolling out more advanced training programmes to enhance DPOs’ skills. These include the Professional Conversion Programme for DPOs, which started last month, and the Practitioner Certificate for Personal Data Protection Preparatory Course, which starts in October this year. In addition, PDPC has supported the development of personal data protection-related courses to be taught at the National University of Singapore and Singapore Management University starting this academic year, through which graduates can attain professional, internationally recognised certification.

5 The second part of our strategy is to foster a collaborative environment where DPOs can learn best practices. PDPC is making Singapore a training hub for data protection professionals in the region by anchoring data protection-related events here, such as the annual Personal Data Protection Seminar hosted by PDPC. PDPC is also encouraging the formation of more communities of practice, such as AsiaDPO and the Law Society’s Cybersecurity and Data Protection Committee.

6 While we continue to grow and deepen the pool of DPOs, organisations must also do their part by appointing and supporting their DPOs. By doing so, organisations will not just comply with the PDPA, but more importantly, build consumer trust in their ability to use and safeguard personal data responsibly. 

 
Government Accepts In-Principle Select Committee’s Recommendation For Multi-Pronged Response To Tackle Deliberate Online Falsehoods Press Releases Infocomm Media 20 Sep 18
Schedule of Public Hearing Convened by COI into the Cyber Attack on SingHealth Press Releases Cyber Security 20 Sep 18
ASEAN Members States Agree To Strengthen Cyber Coordination and Capacity-Building Efforts Press Releases Cyber Security 19 Sep 18
Opening Remarks by Mr S Iswaran, Minister for Communications and Information, At The ASEAN Ministerial Conference on Cybersecurity, on 19 September 2018 Speeches Cyber Security 19 Sep 18
Speech by DPM Teo Chee Hean At The Opening Of The Third Singapore International Cyber Week on 18 September 2018 Speeches Cyber Security 18 Sep 18
Speech By Mr S Iswaran, Minister for Communications and Information, at the Minds Film Festival on 15 September 2018 Speeches Infocomm Media 15 Sep 18