30 October 2014 - Post by:Susana Ng
In recent years, stricter regulations are imposed to regulate financial, workplace and other issues. Facing the new regulatory regime, businesses – especially multinational corporates – have increased the importance of conducting independent, internal investigations. At the same time, there is a rising trend in businesses outsourcing their data centres elsewhere and adopting the “bring your own device” or other similar model which, on the one hand, transforms our lives and provides great personal convenience but, on the other hand, makes it hard to determine what is company data and personal data. This in turn creates a more complex challenge in terms of data privacy compliance when conducting internal investigations.
Over the past few years, the data privacy regime in Asia has greatly evolved. Seeing the importance of protecting personal data, governments in Asian countries have been taking active steps to catch up with the more developed counterparts and enacted more comprehensive data protection legislation (e.g. Singapore, Thailand etc) or guidelines (e.g. China). The absence of uniformity of laws and, in some cases, the lack of detailed guidance on the application of laws or guidelines, have made it all very challenging for businesses to operate in a privacy compliant manner. Having a well-drafted employee data protection policy is a good starting point. However, it is more important to educate staff on what the policy really means when they handle daily routines at work.