SINGAPORE: A committee tasked with reviewing data security practices across the entire public service held its inaugural meeting on Thursday (Apr 18).
The Public Sector Data Security Review Committee was convened by Prime Minister Lee Hsien Loong last month to look into how the Government secures and protects citizens’ data from end to end, including the role of vendors and other authorised third parties. It is expected to submit its recommendations by Nov 30.
The committee was formed following a series of cyber security breaches and incidents over the past year, including the data leak of more than 14,000 HIV-positive people.
At its first meeting, the committee reviewed past incidents and discussed the approaches adopted by other jurisdictions, according to a press release from the Smart Nation and Digital Government Office.
It also discussed broad approaches to improve data security, so that the Government can use data to deliver services and conduct planning and policy development.
Chaired by Deputy Prime Minister and Coordinating Minister for National Security Teo Chee Hean, the 10-member committee comprises both ministers and private sector professionals with expertise in data security and technology.
The other ministers in the committee include Dr Vivian Balakrishnan, Mr S Iswaran, Mr Chan Chun Sing, and Dr Janil Puthucheary, who are involved in Singapore's Smart Nation initiative.
The non-government members are: Professor Anthony Finkelstein, chief scientific adviser for national security for the United Kingdom government; Mr David Gledhill, chief information officer and managing director and head of group technology and operations at DBS; former KPMG partner Ho Wah Lee; Ensign Infosecurity chairman Lee Fook Sun; and Optum CEO Sir Andrew Witty.
The committee is also supported by an inter-agency taskforce formed by public officers across the Government, said the Smart Nation and Digital Government Office in its release.
It will also be consulting a separate expert group of seven individuals selected for their experience and expertise in digital technology and data protection, the release said.
They include Professor Simon Chesterman, dean of National University of Singapore Faculty of Law; Mr Keng Seng Wei, managing director of technology services and information security services at DBS; Dr Lee Shiang Long, president of land systems at ST Engineering; and Dr Robert Morris, chief technology strategist at Ministry of Health Office for Healthcare Transformation and professor at Yong Loo Lin School of Medicine at National University of Singapore.
They also include Mr Huey Tan, president of Asia Data Protection Officers and senior privacy counsel, Asia-Pacific at Apple; Mr Arthur Wong, CEO of cybersecurity at Singtel; and Ms Wu Choy Peng, chief technology officer at GIC.
"The Committee and inter-agency taskforce may invite more experts to join the group, and engage members of the public and business communities, as they undertake the review," said the Smart Nation and Digital Government Office.
While the committee is scheduled to submit its recommendations by Nov 30, the Government may announce data security measures that can be implemented earlier, the release said.
Earlier this year, the HIV-positive status of more than 14,000 people was leaked online along with confidential information such as their identification numbers and contact details.
The Ministry of Health has also recently revealed several cases in which information was mishandled by IT vendors.
About 7,700 individuals received inaccurate healthcare and subsidies under the Community Heath Assist Scheme last year due to an error in a computer system.
Separately, the personal information of more than 800,000 blood donors in Singapore was exposed on the Internet for more than nine weeks from Jan 4 before authorities were alerted to it by a cybersecurity expert.