"What the Medical Profession needs to know about PDPA and the Issues of Identity Verification Rules during Interactions between Healthcare Professionals, Patients and Next-of-Kins"

The Academy of Medicine, Singapore would like to invite our esteemed Fellows and Members to this exclusive CME Talk where you can learn from a Legal Professional the key concepts and obligations of the PDPA and understand what needs to be done to ensure compliance with the PDPA. 

The PDPA took effect in phases starting with the provisions relating to the formation of the PDPC on 2 January 2013. Provisions relating to the DNC Registry came into effect on 2 January 2014 and the main data protection rules on 2 July 2014. This allowed time for organisations to review and adopt internal personal data protection policies and practices, to help them comply with the PDPA.

It has also established a data protection law that comprises various rules governing the collection, use, disclosure and care of personal data. It recognises both the rights of individuals to protect their personal data, including rights of access and correction, and the needs of organisations to collect, use or disclose personal data for legitimate and reasonable purposes.

The most basic requirement for data to constitute personal data is that it is data about an individual. Data about an individual includes any data that relates to the individual. Some examples of data that is about an individual include information about an individual's health, educational and employment background, and more. In particular, a person's medical information and NRIC details have been classified as very sensitive data which should be accorded a higher standard of protection.

This awareness talk is specially organized to focus on the healthcare sector and how the PDPA applies to you. In addition, the speaker will also address the issues of Identity Verification Rules during interactions between healthcare professionals, patients and Next-of-Kins (NOKs). The talk will cover the following topics:

• Introduction to Personal Data Protection Act (PDPA) including the 9 Obligations
• Legislative and regulatory requirements under the PDPA that an organisation has to comply with
• Roles of employees at various organisation level
• Issues of Identity Verification Rules during interactions between healthcare professionals, patients and Next-of-Kins (NOKs)
• Managing Data Breach
• Dos and Don'ts - Lessons from the SingHealth saga 

 

Chern Yang is a banking and commercial matters litigator and also has extensive experience as a mediator. Chern Yang has expertise in secured and unsecured facilities, debt recovery, bankruptcy and insolvency. He helps banks with the recovery of loans upon default by the borrowers, which could include enforcement of judgments and realisation and enforcement of securities, such as mortgages and personal guarantees.

Aside from banking litigation, Chern Yang has advised on a wide spectrum of issues such as defamation, contrac-tual claims, medical and other professional misconduct or negligence, and landlord-tenant disputes. He also has experience in corporate commercial matters such as breach of fiduciary duty, shareholder disputes, and claims in tort such as negligence and conspiracy.

In addition, he has also advised clients on privacy and data protection matters arising out of the application of the Personal Data Protection Act (PDPA) both in Singapore and as part of a global policy. He also conducts training workshops to equip Data Protection Officers and other participants with the knowledge and skills for compliance with the PDPA.

Chern Yang is a proficient mediator and was one of the youngest to be appointed as a Principal Mediator and Fellow of the Singapore Mediation Centre and currently the youngest Singapore-based mediator on the panel with Singapore International Mediation Centre. He regularly teaches mediation and has done so for the Judiciary in Thailand, Brunei and Myanmar and government officials in Fiji.

---