"If the proposed revisions to the bill gets the green light, local companies will have to adhere to the regulation, provide greater transparency and quicker turnaround time to report the necessary information to the relevant authorities. Failure to do so will result in dire consequences, which can in turn affect brand reputation and customers' confidence in the brand," said Chin in an e-mail sent to Computerworld Singapore.
On another note, Chin believes the proposed amendments are vital for local companies, especially with the recent cybercrime incidents that hit some companies in Singapore. "Besides instilling discipline to ensure better data management practices, the proposed revision to the law will build the foundation for stronger and better data management policies at the enterprise and national level," she explained.
Other measures for data protection
Besides the public consultation for PDPA proposals, the PDPC launched three initiatives to improve Singapore's data protection ecosystem.
The commission published a new guide for companies to identify the right approach for sharing personal data within and between organisations in compliance with PDPA.
In addition, the PDPC will launch a Data Protection (DP) Trustmark certification scheme to help facilitate organisations' ability to exchange information overseas. The commission plans to conduct an industry consultation this quarter for the scheme and launch it by end of 2018.
Lastly, Singapore recently submitted its Notice of Intent to join the Asia-Pacific Economic Cooperation's (APEC) Cross-Border Privacy Rules (APEC CBPR) and Privacy Recognition for Processors (PRP) systems.
The APEC CBPR is a voluntary accountability-based system that facilitates data flows among APEC economies, while PRP is a recognition system for personal information processors.
The systems will help certified organisations in Singapore facilitate their data flows among organisations in participating economies in the Asia Pacific.
Sign up for CIO Asia eNewsletters.