Support Centre

You have out of 10 free articles left for the week

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Singapore: PDPC issues warning to Jean Yip Salon for failing to put in place reasonable security arrangements

The Personal Data Protection Commission ('PDPC') announced, on 3 August 2020, that it had issued a warning to Jean Yip Salon Pte Ltd for failing to put in place reasonable security arrangements to prevent the unauthorised disclosure of personal data of 28 of its employees in breach of Section 24 of the Personal Data Protection Act 2012 (No. 26 of 2012). In particular, the PDPC highlighted that Jean Yip Salon had opened public access to a server without ascertaining what it hosted, and therefore had inadvertently allowed access to the internal system. Furthermore, the PDPC found that there were no processes in place to remove or deactivate unnecessary user accounts and that Jean Yip Salon did not enforce a password policy for user accounts.

You can read the decision here.