“Protection Obligation” Singapore PDPA Preventive measure 9 Obligations to follow PDPA (No.6)
6th Obligation (6/9)
What is Protection Obligation ?
The Protection Obligation (PDPA section 24): An organization must protect personal data in its possession or under its control by making reasonable security arrangements to prevent unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks.
These are some of the steps to protect the personal data
( to know more, do contact Mamoru Singapore for our workshops) :
- Create the awareness of PDPA among your staff/colleagues
- Information security guidelines and policies to be followed by the staff/colleagues
- Remind each other about the importance of information security
- Identify the Personal Data information that needs to be secure and lock
- Documents are kept in secure cabinets or drawers (lock them up)
- Optional : CCTVs, doors/partitions
Access, Collection, Use, Disclosure, Copying and Modification
- During collection, be aware of the surrounding incase of spying eyes
- Limit the access of these information ( create passwords / lock in cabinets)
- Create passwords for these documents and encrypt them before sending
- Documents and information needs to have retention period. Once they have “expire” they, need to be disposed in the secure manner.
- Hard copies : Mamoru-kun have “no hands policies” hence your documents are in safe hands when pass to us for disposal. Other options will be to shred the documents before throwing.
- Softcopies : Delete the documents. If needed, the old computers/hardisk/servers can be collected Mamoru for destruction.
If you do have further enquiries about this obligation, feel free to contact MAMORU Singapore.