Data protection/privacy and information security/cybersecurity are inextricably linked – there cannot be privacy without security. And contrary to the impression given by many news reports and by complicated reports issued by prominent professional firms and consultants, getting these things right doesn’t need to be expensive or obstruct you in getting on with your business. Studies estimate that between 50% and 70% of data breaches result from either untrained or negligent staff or from the deliberate actions of disgruntled staff. We can suggest a few simple checks and balances to you, and educate your staff on good practices, delivering a significant improvement in terms of protection from cyber attacks without breaking the bank.
If you are a multinational organisation we are experts in harmonising your existing privacy/data protection policies and procedures to comply with Singapore law. We understand the importance of a uniform approach across your organisation. We do not seek to ‘reinvent the wheel’.
If you are a local organisation, you should hire us if you do not want lawyers who mire you in theory and complications. We adopt a straightforward and practical approach in our data protection work with clients, viewing it through an information life-cycle that reflects your business needs for data and the way you need to collect, use, disclose and store it. We understand business processes and requirements and the realities of internal politics. We work with you to embed data protection into your existing business processes effectively and use the data protection law to build trust with your customers and other stakeholders. We help clients launching new products and technologies to adopt a ‘privacy by design’ approach.
Above all, we understand that the data protection/privacy law, together with information security/cybersecurity should serve business. Compliance can and should be consistent with business needs. In Australia, we would express this by saying ‘the tail should not wag the dog!’