Ministry of Health Time to admit, fix mistake and move on
I cannot help but disagree with Communications and Information Minister S. Iswaran's comment that the public sector is subject to the same, if not higher, rigorous standards of data governance as the private sector.

Banks and insurance companies, for example, have strict policies and measures in place to prevent staff from downloading customers' data. Storage devices are tightly controlled and only company-issued devices can be used.

System checks are in place to detect and flag any breaches. Anyone caught breaching it is subject to severe penalties.

I can accept that no matter how secure a system may be, it could still be subject to hacking and data breaches, and any organisation could still fall victim, regardless of how robust the system is.

However, the recent breach and data leak in the Ministry of Health appear to be the result of negligence.

How can the standards of data governance be robust when employees are able to download patients' data without any form of control?

A mistake has been made.

It is time to admit it, fix it and move on.

Patrick Tan Siong Kuan

Source: https://www.straitstimes.com/forum/letters-in-print/time-to-admit-fix-mistake-and-move-on

Add Comment

---