Spotlight On Pan Peiwen, Personal Data Protection Advisor and Company Director

2020-07-16
banner

In this edition, we feature Dr Pan Peiwen, Company Director and Personal Data Protection Advisor

Please share with us your background

I am a Personal Data Protection Advisor and a professionally trained Company Director in Australia and Singapore since 2001.  I have been a Director of several private limited companies in Singapore since 2017 and an Executive Advisor in a private equity (limited) company of Australia since 2010.  I also serve as an ad-hoc Security Supervisor with Certis Cisco Protection Services Pte Ltd, Singapore since 2017.  Before holding these appointments, I held positions of Chief Data Protection Officer & Licensee Director Designate in a security agency, Singapore (2019-2020), ad-hoc Security Supervisor in Focal Investigation & Security Agency Pte Ltd, Singapore (2018-2019); Computer Audit Specialist (Integrated Audit Consultant) in Saudi Industrial Development Fund in Riyadh, Saudi Arabia (2006-2016); Chief Governance Officer (CGO) & Executive Director in ID Global, Singapore (2004-2006); Director in Ashcraft Holdings Pte Ltd, Singapore (2003-2006); Chief Audit Executive & Audit Committee (AC) Secretary in Prima Ltd, Singapore (2000-2004); Internal Audit (IA) Manager (China) in Philips Electronics China Group, Shanghai, China (1999-2000); IA Manager (Chief IT Audit Executive) in Neptune Orient Lines (NOL) Ltd, Singapore (1996-1998); Information Systems Auditor in C.K.Tang Ltd, Singapore (1995-1996); and Regional IT Coordinator (Head of Regional IT Department) in Albright & Wilson Asia Pacific Pte Ltd, Singapore (1991-1995).

I hold a Degree of Doctor of Philosophy (PhD) in Corporate Governance and Strategic Planning from Greenleaf University, USA; a Degree of Master of Business in Information Technology from Royal Melbourne Institute of Technology (RMIT University), Australia; a Company Directors Course Diploma from Australian Institute of Company Directors (AICD); a Company Directors Course Certificate from Singapore Institute of Directors (SID); a Certified Diploma in Accounting & Finance from the Association of Chartered Certified Accountants (ACCA), UK; a Diploma in Marketing from Chartered Institute of Marketing (CIM), UK; an Advanced Diploma in Business Administration from Association of Business Executives (ABE), UK; complete Parts I & II from Chartered British Computer Society (BCS), UK; an Advanced Diploma in Data Protection & Operational Excellence from Singapore Management University (SMU) Academy; a SkillsFuture Singapore (SSG) - Workforce Skills Qualifications (WSQ) Diploma in Security Management and SSG-WSQ Advanced Certificate in Security Supervision from the Security Industry Institute (SII), Temasek Polytechnic.

I am also a Fellow (FIPA) of Australian Institute of Public Accountants (IPA), a Fellow (FFA) of UK's Institute of Financial Accountants (IFA), an Ordinary Member (MSID) of SID, a Council Member of USA’s Gerson Lehrman Group (GLG) Accounting & Financial Analysis Council of Advisors, a SSG-WSQ Certified Competent Security Agency Licensee Director and a Singapore Police Licensing & Regulatory Department (PLRD) Licensed Security Supervisor (SS) with SSG-WSQ certified Competency in Conduct Crowd & Traffic Control (CCTC), Conduct Security Screening of Person & Bag (CSS-P/B), Conduct Security Screening using X-Ray Machine (CSS-X); and Recognise Terrorist Threats (RTT).

I was also nominated for the Singapore SkillsFuture Fellowships Award 2020 - expect the unexpected.

How is it that you got interested in data privacy/protection?

I have a good background in IT audit, security and controls hence data privacy/protection is familiar to me. I got into great interest in DP when the PDPC planned to enforce our Personal Data Protection Act (PDPA) on NRIC collection with effect from 1 Sep 2019, signing up the PDPA - An Operational Perspective course offered by Singapore Management University (SMU) Academy in partnership with Straits Interactive in Aug 2019. It was just to "test water" if I was interested to pursue this field of studies further. After completing his first PDPA course, I was lucky enough to be offered a post of Chief DPO and Licensee Director Designate by a security agency in Oct 2019.

With little career progression, I was encouraged by my ex-lecturer of the first PDPA course to further pursue an Advanced Certificate in Data Protection Operational Excellence course in SMU Academy, started in Dec 2019 and finished in Feb 2020. After graduation, I was further encouraged by the course administrator and my classmate to further study the second Advanced Certificate in Data Protection Principles course, started in Feb 2020 and finished in May 2020. After acquiring my second Advanced Certificate, I quickly completed the SMU Academy Advanced Diploma in Data Protection & Operational Excellence.

What data privacy courses did you take from Straits Interactive/DPEX Network and why? How was that different from other courses you took? 

I took all the above data privacy/protection courses from Straits Interactive/DPEX Network conducted in SMU Academy. Straits Interactive is the renowned market leader in this field of professional studies. They have excellent knowledgeable and experienced lecturers from Singapore and abroad. I did not take any similar courses elsewhere other than Straits Interactive, hence am unable to compare the differences between training providers. 

What is your current job role? How does your job involve privacy/data protection functions?

My current job role is a freelance Personal Data Protection Advisor. I address and advise on PDPA compliance at Board level to several private limited companies.

I was once a Chief DPO with a security agency in Singapore from Oct 2019 to Apr 2020. Although given a short life span of productive time, I was able to put what I had learned in class into practice as Chief DPO.

My key achievements: 

How is Data Protection knowledge useful for the sector you are involved in?

The DP knowledge that I gained from SMU Academy and Straits Interactive is very useful and relevant to my role as Chief DPO and freelance Personal Data Protection Advisor to the boards that I am serving. 

What practical advice would you offer to those wanting to implement a data protection management programme (DPMP) in their organization?  

In order for a DPMP to be effective and successful, below are some of the critical success factors:

  • Set up a DP Governance Committee with one representative each from all departments.
  • Strong top management buy-in and support.
  • DPO and DP Governance Committee Members should be well trained in DP.
  • DPO and DP Governance Committee Members must be passionate on DP.
  • (Very Important Advice) DPO must report directly to CEO, if not, the Risk Committee at the Board level.  It will be a disaster if DPO is reporting directly to CFO, for example, it will be conflict of interest by CFO.
  • Right goal with wrong direction (by your top management) will lead you to nowhere, if not, it would take a longer journey to achieve your goal (e.g. DPTM).

What advice do you have for others?

I started off my lifelong learning journey since 1981 when I was 22 years old, after ROD (running out date) as NS Police Inspector, pursued my strategic part-time studies which allowed me to progress all the way from a junior position of Computer Operator (1981) to a Company Director at the Board level (2003).  I wish to share my lifelong learning experience with others.

His Mottos: Learn as I earn, earn as I learn.  Learn to enjoy learning, work to enjoy working.

His Advice: Never ever rely on your HRD (Human Resource Dept) to plan for your training and career development plan because your personal career goals most probably may not be matched with your company’s overall human capital goals.  You should be in charge of your own training and career development plan hopefully with a more fruitful lifelong learning journey. 

Dr PAN peiwen is a "LION" - LinkedIn Open Networker. He welcomes all of you to connect with him on LinkedIn directly.



Interview by Leong Wai Chong,  GRCP, CIPM



Just one more step! We've sent an email to .
Please check your inbox or spam and open it to activate your account.

Topics
Related Articles