Summary Findings from 50 Onsite Audits Regarding Common Potential Data Breaches

Conducted by Straits Interactive

Objectives of Survey

  • Identify the most common potential data breaches in organisations in Singapore and Malaysia that could contravene the Personal Data Protection Act
  • Discover to what extent breaches are related to paper documents

(conducted between Aug 2013 – Sep 2014)

Number of Companies involved: 50


  1. Identified 14 common areas of potential data breaches
  2. Worked with data protection officers from our clients and from our Data Protection Hands-on Course to document common data breaches
  3. Documented the top 5 data breaches

Here are the findings of risks where organisations can potentially contravene the new Personal Data Protection Act (PDPA). Based on more than 50 on-site PDPA audits which the company managed with the help of data protection officers from SMEs, the biggest risks identified were those related to paper documents. The top five areas identified (outside the IT infrastructure) are as follows:

  • 73% of companies audited had exposed desks with confidential / personal data
  • 68% of them had uncollected prints and / or originals left at the copier
  • 1 in 2 companies had risks associated with
    • Unlocked or exposed screens on PC / mobile devices
    • Unlocked cabinets or those with keys left in the keyhole
  • 1 in 3 companies had papers and / or documents with confidential data thrown into waste paper or recycled bins

These findings, collected over a span of a year, included clients from Straits Interactive undergoing PDPA site audits and those who attended the company’s popular hands-on data protection officer’s course. The gaps were easily addressed with recommended information security measures. The audit methodology included a data inventory assessment and an analysis of the flow of personal data within the organisation. This was followed by an actual site inspection of where personal data was collected, processed and stored.

See press release for more information: