Illegal to collect NRIC numbers from 1st Sep 2019
Some organisations may still not be aware that a new law to further protect personal data would come into effect from 1st Sep this year. This comes on the back of heightened cyber breaches and data theft in recent times, such as SingHealth, which is the largest domestic data theft till date at 1.5 million data, and Marriott group of hotels with around 500 million count of data.
In Singapore, one of our personal data is national registration identification card (NRIC) numbers. This is a piece of personal data which can potential fetch high market value. Identity theft is one of the most common crimes which can be committed from stolen personal identifiable information (PII).
Organisations affected have until 1st Sep 2019 to comply.
Some organisations which can be affected include:
- Security companies in buildings which scan through visitors
- Building operators or owners which collect visitors or tenants photo ID
- Mall operators and shopping centres which provide shopping incentives and process rewards for redemption, such as free or discounted parking fees
- Organisations which run marketing programmes and collect NRIC numbers
As an organisation, the scanner and software you use to extract data from scanning barcodes need to comply with a redacted form of NRIC extraction.
As an individual, how do you know if the company which scans your NRIC is compliant?
What are the alternative methods to replace collection of NRIC for organisations?
To learn more about how you can comply, click here..
For more detail on this PDPA new regulation, click here..