pdpc_decisions_version_detail (view)
1 row where "timestamp" is on date 2016-07-21 and title = "Breach of Protection Obligation by Toh-Shi Printing Singapore"
This data as json, CSV (advanced)
Suggested facets: _commit_at (date), date (date), timestamp (date), tags (array), _changed_columns (array)
| _commit_at | _commit_hash | _id | _item | _version | _commit | description | tags | date | pdf-url | nature | title | url | timestamp | pdf-content | decision | _item_full_hash | _changed_columns |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2023-10-01T11:02:10+08:00 | fbd32491db44d3d0c97aa12a99cefd61ec954264 | 230 | 230 | 1 | 952 | A financial penalty of $5,000 was imposed on Toh-Shi Printing Singapore for failing to implement proper and adequate verification while processing personal data on behalf of the CDP, resulting in unauthorised disclosure of 195 individuals’ sensitive personal data. | [
"Protection",
"Financial Penalty",
"Not in Breach",
"Admin and Support Services",
"TOH-SHI",
"CDP"
] |
2016-07-21 | https://www.pdpc.gov.sg/-/media/Files/PDPC/PDF-Files/Commissions-Decisions/grounds-of-decision---toh-shi-(210716).pdf | Protection | Breach of Protection Obligation by Toh-Shi Printing Singapore | https://www.pdpc.gov.sg/all-commissions-decisions/2016/07/breach-of-protection-obligation-by-toh-shi-printing-singapore-jul | 2016-07-21 | DECISION OF THE PERSONAL DATA PROTECTION COMMISSION Case Number: DP-1506-A456 CENTRAL DEPOSITORY (PTE) LIMITED (UEN. 198003912M) ... 1st Respondent TOH-SHI PRINTING SINGAPORE PTE LTD (UEN. 198704013N) ... 2nd Respondent Decision Citation: [2016] SGPDPC 11 GROUNDS OF DECISION 21 July 2016 A. BACKGROUND 1. On 11 June 2015, the Central Depository Pte Limited (“CDP”), reported to the Personal Data Protection Commission (“Commission”) of an incident of a data breach involving its customers’ personal data. It was reported that six CDP account holders had received CDP account (“CDP account”) statements for the month of May 2015 containing account information of other account holders. On the same day, Singapore Exchange Limited (“SGX”) issued a news release to inform and apologise for the incident. 2. Following the reporting of the incident, the Commission undertook an investigation into the matter. The Commission had determined that the two respondents in the matter were CDP and Toh-Shi Printing Singapore Pte Ltd (“Toh-Shi”) respectively. The Commission’s decision on the matter and grounds of decision are set out below. B. MATERIAL FACTS AND DOCUMENTS 3. CDP is a wholly-owned subsidiary of SGX, and provides clearing, settlement and depository facilities in the Singapore securities market. Toh-Shi is the external vendor of CDP in charge of printing the CDP account statements for CDP. 4. The printing services provided by Toh-Shi are governed by a contract between parties dated 1 March 2013 (the Document Management Service Agreement (“DMSA”)). The DMSA required, amongst other things, for Toh-Shi to protect the confidentiality of the CDP account holders’ personal data and to put in place the necessary measures to protect the data. 5. Following the discovery of the data breach and Toh-Shi alerting the Commission of the breach, on 15 June 2015, CDP reissued the corrected CDP statements for the month of May 2015 with an apology letter to the 195 affected account holders. On 17 June 2015, SGX started to contact … | Financial Penalty, Not in Breach | 915d1174037745f235dd3c1279be62593b3bc91d | [
"pdf-content",
"timestamp",
"decision",
"pdf-url",
"tags",
"nature",
"url",
"title",
"date",
"description"
] |
Advanced export
JSON shape: default, array, newline-delimited
CREATE VIEW pdpc_decisions_version_detail AS select
commits.commit_at as _commit_at,
commits.hash as _commit_hash,
pdpc_decisions_version.*,
(
select json_group_array(name) from columns
where id in (
select column from pdpc_decisions_changed
where item_version = pdpc_decisions_version._id
)
) as _changed_columns
from pdpc_decisions_version
join commits on commits.id = pdpc_decisions_version._commit;