It has been reported on the PDPC website that non-profit Company A has been fined a total sum of 14,000 due to hacked databases that were made available for download on hacking forums and Telegram channels.
This fine has been a result of data protection infringements under the Personal Data Protection Act (PDPA) as Company A has failed to implement safety measures to protect the personal data of 5,131 members and non-members under the Protection Obligation.
The types of data that were affected included information on names, encrypted passwords, e-mail addresses, telephone numbers and birth dates of the users.
On January 14th, PDPC also noted the Company had no written policies and practices and the company did not appoint a data protection officer (DPO).
In light of this incident, we would like to share the importance of PDPA and how it can affect your business.
Why is PDPA important?
All data collected that is identifiable to an individual which any business handles need to be well protected.
With the advancements in technology, this trend has been growing exponentially and is becoming more relevant to business owners.
The failure to comply with the Act will result in serious consequences for businesses as seen above.
Who should comply with the PDPA?
PDPA is applicable to any and every company that collects & processes personal data. Exceptions apply, please check with us if you wish to know more about firstname.lastname@example.org
Why is PDPA important for my business?
In today’s digital world, companies are collecting more and more personal data evidently. We collect these data to help us grow our business through digital marketing.
With this, it is, therefore, important for companies to have in place policies and practices to handle these data assets.
More importantly, we should have in place strategies to protect these data.