Personal Data Protection Act
- What is the Personal Data Protection Act?
The PDPA establishes a data protection law that comprises various rules governing the collection, use, disclosure and care of personal data. It recognises both the rights of individuals to protect their personal data, including rights of access and correction, and the needs of organisations to collect, use or disclose personal data for legitimate and reasonable purposes.
1.2 What is Personal Data?
Personal data refers to data, whether true or not, about an individual who can be identified from that data; or from that data and other information to which the organisation has or is likely to have access. Personal data in Singapore is protected under the Personal Data Protection Act 2012 (PDPA).
- AGHRM compliance to PDPA
1.3.1 Where is AGHRM storing our data?
AGHRM is hosting with Amazon Web Services but AGHRM is using their Singapore data centre for the deployment of our services. This is compliant with item 26 of the PDPA which requires data to be stored in Singapore.
1.3.2 What security measures that AGHRM undertakes to ensure the safety of our data?
AGHRM safeguard our customers’ data via a multi-pronged approach.
- Transmission – All hosted users access our website via 2048bit SSL (Secured Socket Layer) to ensure that all data transmitted via the Internet is encrypted and cannot be intercepted.
This is reviewed annually to ensure that the encryption strength keeps up with technological advances.
- Password Policy – AGHRM comes with password policy features that allow the administrator to implement password policies that can support:
- Minimum and Maximum password length
- Maximum password age
- Enforce password history
- Complex password
- Network Security – AGHRM host with Amazon web services and we are leveraging on Amazon global infrastructure to provide world-class network protection to our customers. For more details about Amazon Security Infrastructure, please go to the following URL for more details.
- Non-disclosure Agreement – AGHRM has a standard non-disclosure clause with all customers as part of our standard agreement. AGHRM may also have a separate Non-Disclosure Agreement signed with specific customers.
Employee information is deemed too confidential information which AGHRM is bounded by the above- mentioned agreements. All our employees also sign NDA agreement with AGHRM not disclose any confidential information about our customers.
1.3.3 What is the disaster recovery plan for AGHRM?
Please refer to Section 2.5 on AGHRM’s business continuity plan.
1.3.4 What happens to the customers’ data upon termination of AGHRM services?
Typically, AGHRM requires at least 30 days’ notice in writing for any termination of services. (The period may vary from contract to contract)
During the notice period, the customer can make use of the reporting and export functions available in the system to export their data into CSV. Once the service is terminated, AGHRM will purge all copies of the customers’ data within 30 days from the date of service termination.
1.4 AGHRM compliance to proposed NRIC advisory guidelines
1.4.1 Why is the collection of NRIC number and retention of physical NRIC of concern?
- NRIC number is a permanent and irreplaceable unique identifier assigned by the Government and is often used for transactions with the Government and certain commercial transactions (e.g. banking, seeking medical treatment)
o Can be used to unlock large amounts of information relating to the individual
o If not protected, may be used for illegal activities (e.g. identity theft and fraud)
- Physical NRIC not only contains the NRIC number, but also other personal data (e.g. individual’s full name, photograph, thumbprint and residential address)
- Excessive collection of personal data when retaining the physical NRIC or collecting a copy of NRIC
1.4.2 Public consultation on PDPC’s proposed NRIC advisory guidelines
PDPC issued a public consultation paper between Nov to Dec 2017 to seek views on:
- Revised chapter on NRIC numbers in the Advisory Guidelines on Selected Topics in the PDPA; and
• Proposed Technical Guide that provides guidance on the alternatives that can be considered in place of the NRIC number as a unique identifier used in websites and systems.
1.4.3 Proposed Guidelines
Organisations should not collect NRIC numbers (or copy) unless:
- Required under the law (or an exception under PDPA applies); or
- Necessary to accurately establish or verify the identity of the individual to a high level of fidelity
Organisations that collect a copy of NRIC must ensure it is not collecting excessive personal data contained in the copy for other intentions.
For HR system specifically:
- Should not collect NRIC number during the job application phase
- OK to collect NRIC number when the employment relationship is established (covered under the Employment Act)
1.4.4 AGHRM’s compliance
- Employee ID – This is a unique identifier of the employee within the system and the value of this field is displayed across the system.
Below is a screenshot of AGHRM’s employee creation screen:
Login Name is the field that we use as the basis of identifying each employee. The only constraint is that it cannot be duplicated within the same group of companies. It is a free text field and accepts alphanumeric characters.
There are 2 options for the customer to manage this field:
- System generated employee number
- Manual entry
With reference to Q3 of the declaration form, customers can change the ID to any value as long as it is unique within the same group of companies.
b. ID Card No – This is the actual field that stores ID Card No which is submitted to various government agencies for reporting purposes. In Singapore’s context, it would be:
- CPF Board
iii. Ministry of Health – We also provide our solutions to around 11 nursing homes in Singapore which need to the report staffing information to the Ministry of Health under the ILTC portal.
We are committed to supporting this initiative by IMDA and will be implementing the following changes our system by Q4 2018
- ID Card No field will be encrypted.
- As the Employee ID field can be entered manually, we are also planning to provide mass upload tool to allow customers who is using NRIC number as the employee id to change accordingly.