Response to Letter “保护英康拥有的国民数据” - Lianhe Zaobao, 10 August 2024

We refer to the letter by Dr Pei Sai Fan ("保护英康拥有的国民数据") published in Lianhe Zaobao on 10 August 2024.

MAS expects all financial institutions (FIs), including insurers, to put in place strong and comprehensive measures to safeguard customer data. MAS-licensed insurers must have a sound IT security policy and implement robust controls to safeguard customer information from unauthorised access or disclosure.

All FIs in Singapore are also subject to the Personal Data Protection Act (PDPA), which governs the collection, use and disclosure of personal data. Personal data should only be used for legitimate purposes recognised by the PDPA or with the consent of the individual. These obligations apply regardless of whether the data resides with a Singapore or foreign FI. Firm action will be taken against entities or persons who breach the relevant laws and regulations.

Lu Xinyi
Director (Corporate Communications)
Monetary Authority of Singapore