Data protection officers becoming more important
When he joined Ohm Energy, Mr Luqman Haniff Omar was often asked why he carries two mobile phones.
He does it to ensure that his personal and work data are kept separate. It is also a reminder to take data protection seriously.
This mentality serves the data and security analyst well, especially after he took on the role of a data protection officer (DPO) at his company six months ago.
Under the Personal Data Protection Act (PDPA), organisations are required to designate a DPO to oversee their data protection responsibilities.
DPOs like Mr Haniff, who graduated with a degree in information security, usually wear double hats in an organisation.
Mr Haniff, 33, told The New Paper that a DPO needs to ensurethat both customer and employee data are protected.
Mr Alvin Toh, chief marketing officer of Straits Interactive, a data protection and privacy company, told TNP: "A misconception people have is that only those in customer-facing roles need to be aware of data protection.
"However, because several departments are involved in collecting, using, disclosing and storing personal data, the DPO needs to coordinate between these various stakeholders."
Mr Haniff's responsibilities include checking that his company's documents and policies are in compliance with PDPA laws.
He also comes up with initiatives to ensure that the risk of a data breach is minimised.
One measure he implemented was to ensure that employees keep their personal devices and work devices separate.
He said: "When you come up with a solution and it gets successfully implemented and people see that there is a value add - this is a fulfilling part of the job."
Mr Haniff also conducts training for his colleagues to remind them of the data protection measures in the company as well to update them about new ones.
To help his colleagues understand, Mr Haniff converts data protection jargon to simple terms. He also uses case studies of data breaches in the news to help his colleagues understand why it is important to adhere to measures.
Mr Haniff's role is in demand now, especially as companies increasingly leverage on data in a digital world.
Mr Toh said: "The frequent use of personal data has given rise to new regulations in Singapore and the region.
"Companies also need to demonstrate good data protection practices if they want to be seen as credible. Hence this is the right time for someone looking to step into a role of a DPO to help the organisation demonstrate compliance and drive its digitalisation processes."