3
ETHOS BEATHCHAPMAN R E D E F I N I N G E X E C U T I V E R E C R U I T M E N T Bridging the Information Privacy Talent Gap © BeathChapman Pte Ltd 2015 Page 01 Privacy concerns will continue to exist where sensitive information is collected and stored be it in digital form or otherwise. The challenge, then, in data privacy is to share data while protecting personally identifiable information. Organisations have invested and recruited well in the fields of data security and information security software and hardware to address this issue. However, living in an increasingly global world means that the legal framework will continue to change to mirror privacy regulations in the US and EU. We live in an increasingly globalised world, hence, changes in the EU and American data privacy framework will have a knock on effect on APAC and Singapore. As the laws and regulations related to global data protection are constantly changing, organisations continue to find room for legal talent in data privacy to keep abreast of any changes in the law and continually reassess internal compliance with data privacy and security regulation considerations. With the changes in regulation, this leads to demand in data privacy legal candidates as companies will be keen to stay ahead. BeathChapman continues to see lead specialist (employment and data privacy) Legal positions coming into the Singapore and Hong Kong market as a result of changing regulations; with the most recent one in Singapore being the Personal Data Protection Act (PDPA) that many companies have been concerned with for the past year. The IT and internet/new media industry stand out as some of the larger employers in the market. They typically demand lawyers from the industry with strong drafting and data privacy knowledge to the ability to negotiate complex customer agreements. Singapore passed the PDPA in January 2013 and organisations across industries operating here were required to comply by July 2014. The bill aims to prevent private organisations from misusing personal data, and will be enforced by a regulatory body and financial penalties. One year on, this continues to have a significant impact on the Singapore legal and compliance space today. As a recap, there are two key components to the Singapore PDPA: ‘Do-Not-Call’ registry: Signing up allows members of the public to block telemarketing calls, SMS’s and faxes. Personal Data Protection Commission (PDPC): An enforcement agency tasked with regulating the management of personal data by businesses and imposing financial penalties when organisations do not abide by the new regulations. Companies found to have violated the data protection rules may be fined up to $10,000 per customer complaint, or if an organisation is found to be non-compliant, the PDPC may impose a maximum financial penalty of $1 million on the errant organisation. The severe financial penalties act as a deterrence and reminder to organisations to the extent where this could potentially become a boardroom issue. With PDPA becoming a well publicised issue, there is real danger for companies suffering damage to their brand and reputation if not seen to be proactive or at least complaint with it. Consumers today are more likely to see through clever advertising campaigns and promotions. Their buying behaviour is likely to be influenced by their At BeathChapman, our Legal desk focuses on helping our broad range of clients find the right talent for their in-house function. With the onset of new media and rapidly evolving privacy laws, there is clearly demand for these skill sets. With the regulatory environment becoming more complex and stringent, this is posing a challenge for organisations and recruiters alike to find the right talent. Information privacy, or data privacy (or data protection), is the relationship between collection and dissemination of data, technology, the public expectation of privacy, and the legal and political issues surrounding them.

EBC0033 Legal Whitepaper Nov 2015

Embed Size (px)

Citation preview

Page 1: EBC0033 Legal Whitepaper Nov 2015

ETHOS BEATHCHAPMAN

R E D E F I N I N G E X E C U T I V E R E C R U I T M E N T

Bridging the Information Privacy Talent Gap

© BeathChapman Pte Ltd 2015 Page 01

Privacy concerns will continue to exist where sensitive

information is collected and stored be it in digital form

or otherwise. The challenge, then, in data privacy is to

share data while protecting personally identifiable

information. Organisations have invested and recruited

well in the fields of data security and information security

software and hardware to address this issue. However,

living in an increasingly global world means that the legal

framework will continue to change to mirror privacy

regulations in the US and EU.

We live in an increasingly globalised world, hence,

changes in the EU and American data privacy framework

will have a knock on effect on APAC and Singapore. As

the laws and regulations related to global data protection

are constantly changing, organisations continue to find

room for legal talent in data privacy to keep abreast of

any changes in the law and continually reassess internal

compliance with data privacy and security regulation

considerations. With the changes in regulation, this

leads to demand in data privacy legal candidates as

companies will be keen to stay ahead.

BeathChapman continues to see lead specialist

(employment and data privacy) Legal positions coming

into the Singapore and Hong Kong market as a result of

changing regulations; with the most recent one in

Singapore being the Personal Data Protection Act

(PDPA) that many companies have been concerned

with for the past year. The IT and internet/new media

industry stand out as some of the larger employers in

the market. They typically demand lawyers from the

industry with strong drafting and data privacy knowledge

to the ability to negotiate complex customer agreements.

Singapore passed the PDPA in January 2013 and

organisations across industries operating here were

required to comply by July 2014. The bill aims to prevent

private organisations from misusing personal data, and

will be enforced by a regulatory body and financial

penalties. One year on, this continues to have a significant

impact on the Singapore legal and compliance space

today.

As a recap, there are two key components to the

Singapore PDPA:

• ‘Do-Not-Call’ registry:

Signing up allows members of the public to block

telemarketing calls, SMS’s and faxes.

• Personal Data Protection Commission (PDPC):

An enforcement agency tasked with regulating the

management of personal data by businesses and

imposing financial penalties when organisations do

not abide by the new regulations. Companies found

to have violated the data protection rules may be

fined up to $10,000 per customer complaint, or if

an organisation is found to be non-compliant, the

PDPC may impose a maximum financial penalty of

$1 million on the errant organisation.

The severe financial penalties act as a deterrence and

reminder to organisations to the extent where this could

potentially become a boardroom issue. With PDPA

becoming a well publicised issue, there is real danger

for companies suffering damage to their brand and

reputation if not seen to be proactive or at least complaint

with it. Consumers today are more likely to see through

clever advertising campaigns and promotions. Their

buying behaviour is likely to be influenced by their

perception of the type of company behind the product.

Hence, investing in legal talent in this aspect is a way

of ensuring companies are seen to be ethical and

respectful, thus winning the hearts and minds of their

target consumers by being better corporate citizens.

Many companies, particularly financial institutions, are

ramping up efforts to ensure that policies and procedures

comply with the new regulations. Hence, we also

observe hiring for legal talents in the IT and Operations

space. Depending on the industry an organisation is in,

the amount of personal data being collected can be

massive. More often than not, the data is passed on to

third parties. Hence, possessing a strong regulation

framework in this area has been welcomed by consumers.

Perceived branding of organisations will be improved

when data are ethically managed.

Organisations have been evolving their processes to

ensure and not accommodate compliance; with some

leading healthcare and pharmaceutical MNCs already

integrating data privacy matters into Chief Compliance

Officers’ job scope. The bottom line is that compliance

continues to evolve as the business environment we

are all operating in becomes more complicated. We,

at BeathChapman believe that the funding for legal

hiring in this area will only increase over time. One of

the main challenges faced by companies relating to

information privacy is the limited legal talent pool in

this area.

The following can be adopted to ensure organisations

are in the clear.

• Educating frontline staff.

Companies like Ashurst and Thomson Reuters can

also offer their clients a comprehensive off-the-shelf

elearning course on data privacy.

• Hire a project legal consultant to provide expertise

on PDPA and to help your organisation understand

the regulations and your obligations;

• Look for professionals in the regulatory space,

i.e. regulatory compliance, IT governance / risk and

those handling programme / project management,

as it will be easy for them to pick up and apply

data/information privacy knowledge;

• Target expats from countries where these regulations

have existed previously. The PDPA was first passed

in the UK in 1984, so companies could look there

for expertise, or to Asian countries where the act is

enforced such as Hong Kong and to a certain

extent, Singapore.

To candidates in the legal and compliance space, we

would encourage you to be familiar of and be kept

abreast of the new regulations – ‘retool’ yourself. To

clients with this need, you should be prepared to pay

a premium for that knowledge and expertise that

exists in the market.

If you require further details or wish to have a confi-

dential discussion about your career, market trends,

or salary information, please contact Linus at

[email protected] or on +65 6692 0795.

Please click here or visit beathchapman.com/jobs

for a more comprehensive Jobs List.

At BeathChapman, our Legal desk focuses on helping our broad range of clients find the right talent for

their in-house function. With the onset of new media and rapidly evolving privacy laws, there is clearly

demand for these skill sets. With the regulatory environment becoming more complex and stringent,

this is posing a challenge for organisations and recruiters alike to find the right talent. Information privacy,

or data privacy (or data protection), is the relationship between collection and dissemination of data,

technology, the public expectation of privacy, and the legal and political issues surrounding them.

Page 2: EBC0033 Legal Whitepaper Nov 2015

ETHOS BEATHCHAPMAN

R E D E F I N I N G E X E C U T I V E R E C R U I T M E N T

Page 02© BeathChapman Pte Ltd 2015

Privacy concerns will continue to exist where sensitive

information is collected and stored be it in digital form

or otherwise. The challenge, then, in data privacy is to

share data while protecting personally identifiable

information. Organisations have invested and recruited

well in the fields of data security and information security

software and hardware to address this issue. However,

living in an increasingly global world means that the legal

framework will continue to change to mirror privacy

regulations in the US and EU.

We live in an increasingly globalised world, hence,

changes in the EU and American data privacy framework

will have a knock on effect on APAC and Singapore. As

the laws and regulations related to global data protection

are constantly changing, organisations continue to find

room for legal talent in data privacy to keep abreast of

any changes in the law and continually reassess internal

compliance with data privacy and security regulation

considerations. With the changes in regulation, this

leads to demand in data privacy legal candidates as

companies will be keen to stay ahead.

BeathChapman continues to see lead specialist

(employment and data privacy) Legal positions coming

into the Singapore and Hong Kong market as a result of

changing regulations; with the most recent one in

Singapore being the Personal Data Protection Act

(PDPA) that many companies have been concerned

with for the past year. The IT and internet/new media

industry stand out as some of the larger employers in

the market. They typically demand lawyers from the

industry with strong drafting and data privacy knowledge

to the ability to negotiate complex customer agreements.

Singapore passed the PDPA in January 2013 and

organisations across industries operating here were

required to comply by July 2014. The bill aims to prevent

private organisations from misusing personal data, and

will be enforced by a regulatory body and financial

penalties. One year on, this continues to have a significant

impact on the Singapore legal and compliance space

today.

As a recap, there are two key components to the

Singapore PDPA:

• ‘Do-Not-Call’ registry:

Signing up allows members of the public to block

telemarketing calls, SMS’s and faxes.

• Personal Data Protection Commission (PDPC):

An enforcement agency tasked with regulating the

management of personal data by businesses and

imposing financial penalties when organisations do

not abide by the new regulations. Companies found

to have violated the data protection rules may be

fined up to $10,000 per customer complaint, or if

an organisation is found to be non-compliant, the

PDPC may impose a maximum financial penalty of

$1 million on the errant organisation.

The severe financial penalties act as a deterrence and

reminder to organisations to the extent where this could

potentially become a boardroom issue. With PDPA

becoming a well publicised issue, there is real danger

for companies suffering damage to their brand and

reputation if not seen to be proactive or at least complaint

with it. Consumers today are more likely to see through

clever advertising campaigns and promotions. Their

buying behaviour is likely to be influenced by their

perception of the type of company behind the product.

Hence, investing in legal talent in this aspect is a way

of ensuring companies are seen to be ethical and

respectful, thus winning the hearts and minds of their

target consumers by being better corporate citizens.

Many companies, particularly financial institutions, are

ramping up efforts to ensure that policies and procedures

comply with the new regulations. Hence, we also

observe hiring for legal talents in the IT and Operations

space. Depending on the industry an organisation is in,

the amount of personal data being collected can be

massive. More often than not, the data is passed on to

third parties. Hence, possessing a strong regulation

framework in this area has been welcomed by consumers.

Perceived branding of organisations will be improved

when data are ethically managed.

Organisations have been evolving their processes to

ensure and not accommodate compliance; with some

leading healthcare and pharmaceutical MNCs already

integrating data privacy matters into Chief Compliance

Officers’ job scope. The bottom line is that compliance

continues to evolve as the business environment we

are all operating in becomes more complicated. We,

at BeathChapman believe that the funding for legal

hiring in this area will only increase over time. One of

the main challenges faced by companies relating to

information privacy is the limited legal talent pool in

this area.

The following can be adopted to ensure organisations

are in the clear.

• Educating frontline staff.

Companies like Ashurst and Thomson Reuters can

also offer their clients a comprehensive off-the-shelf

elearning course on data privacy.

• Hire a project legal consultant to provide expertise

on PDPA and to help your organisation understand

the regulations and your obligations;

• Look for professionals in the regulatory space,

i.e. regulatory compliance, IT governance / risk and

those handling programme / project management,

as it will be easy for them to pick up and apply

data/information privacy knowledge;

• Target expats from countries where these regulations

have existed previously. The PDPA was first passed

in the UK in 1984, so companies could look there

for expertise, or to Asian countries where the act is

enforced such as Hong Kong and to a certain

extent, Singapore.

To candidates in the legal and compliance space, we

would encourage you to be familiar of and be kept

abreast of the new regulations – ‘retool’ yourself. To

clients with this need, you should be prepared to pay

a premium for that knowledge and expertise that

exists in the market.

If you require further details or wish to have a confi-

dential discussion about your career, market trends,

or salary information, please contact Linus at

[email protected] or on +65 6692 0795.

Please click here or visit beathchapman.com/jobs

for a more comprehensive Jobs List.

LINUS CHOOREG NO. R1216328

ASSOCIATE DIRECTOR

LEGAL - APAC

T: +65 6692 0795

E: [email protected]

Page 3: EBC0033 Legal Whitepaper Nov 2015

Page 03© BeathChapman Pte Ltd 2015

Linus leads the legal practice at Ethos BeathChapman, focusing on legal & compliance and company secretarial

placements. He has successfully conducted and completed many senior level in-house legal positions across all

sectors throughout APAC with reputable MNCs and conglomerates.

Prior to joining Ethos BeathChapman, Linus was with a large specialist legal recruitment firm, where he was

responsible for the legal and company secretarial portfolios. This focus has enabled him to develop strong

functional knowledge of the discipline and a broad network of contacts and referrals within the legal sphere. He

has executed retained legal search assignments up to C-Level.

His recent track record of successful placements include General Counsel for a Resources and Chemicals

organisation, Head Legal of a leading real estate Singapore Listed Company, Head of Legal of a Medical

services company, Corporate Compliance Director of a Global Logistics company, Head Corporate Secretariats

of leading Singapore and HK Listed companies, Head of Legal & Compliance of a European Pharmaceutical

MNC and Senior Attorneys with Fortune 500 MNCs. He has also placed mid-level lawyers in investment banks,

boutique asset management fund houses and with leading Singapore listed companies.

Linus has laid claim amongst the top billers’ league over the course of his career. He is known and respected for

his tenacity and his ability to close “hard to fill” positions; and as a trusted advisor to his contacts. In his free time,

he enjoys a game of football with his friends, hunting down good food options and spending quality time with his

loved ones.

LINUS CHOOREG NO. R1216328

ASSOCIATE DIRECTOR

LEGAL - APAC

T: +65 6692 0795

E: [email protected]

www.ethosbc.com BEATHCHAPMAN (PTE LTD)

EA R1216328 LICENCE NO: 11C5008

ETHOS BEATHCHAPMAN

R E D E F I N I N G E X E C U T I V E R E C R U I T M E N T