SAP Asia Ordered to Pay Financial Penalty Having Failed to Protect Personal Data of Its Former Employees

A decision of the Personal Data Protection Commission (“PDPC”) demonstrates the importance of conveying specific business requirements clearly to external vendors and conducting preliminary testing of any supplied products before use, lest an organisation be held in breach of its data protection obligations under the Personal Data Protection Act (“the Act”). The PDPC found that […]