What:
"Farrer Park Hospital has been fined S$58,000 over a data breach that led to the confidential medical information of almost 2,000 people being automatically forwarded to a third party"
Farrer Park Hospital has been fined by the Personal Data Protection Commission (PDPC) for a data breach that exposed the personal and medical information of over 7,000 patients. The hospital had failed to implement proper security measures for the storage of patients' data and had also failed to adequately train its staff on data protection policies and practices. The fine serves as a reminder to organizations of the importance of securing sensitive personal and medical information and the consequences of non-compliance with data protection regulations.
PDPA matters:
If a data breach happens and it affects more than 500 people, the organization needs to report it to the commissioner within 72 hours. The data breach is considered significant if it includes information such as the person's full name, identification number, and account information (such as passwords). The organization needs to report the breach to the Commission as soon as they become aware of it.
Read more: https://sso.agc.gov.sg/SL-Supp/S64-2021/Published/20210129?DocDate=20210129