To thrive in our data-driven digital economy today, organizations have to win consumers’ trust not only by providing quality goods and services, but also by having sound and accountable data protection practices.
Organizations’ use of personal data in Singapore is currently governed under the Personal Data Protection Act 2012 (PDPA), which aims to safeguard individuals’ personal data against misuse and promote proper management of personal data in organizations.
If your organization is already PDPA compliant, you can now go one step further to win consumer trust — by getting certified with Singapore’s Data Protection Trustmark (DPTM) certification.
Launched by the Info-communications Media Development Authority (IMDA) in January 2019, the DPTM certification establishes a robust data governance standard to help businesses increase their competitive advantage and build trust with their clients. It also aims to enhance and promote consistency in data protection standards across all sectors.
Application for DPTM certification is open to Singapore-based organizations that have put in place data protection policies and practices to comply with the obligations of the PDPA. Here are five reasons why your organization should get the DPTM certification:
- DPTM demonstrates your organization’s accountable data protection practices
Through the DPTM, your organization can now visibly communicate the soundness of your data protection policies and practices to your customers and stakeholders.
An organization that has attained the DPTM certification can use the DPTM logo in its business communications and display the DPTM decal and DPTM certificate on its premises for the duration of the certification.
When consumers see the DPTM logo, they can immediately identify your organization as a business with trustworthy data protection policies and practices.
- DPTM increases your organization’s competitive advantage
In today’s data-driven digital economy, consumer trust is essential if organizations want to effectively deploy innovative technology that makes use of personal data to deliver more personalised services.
Out of 1,500 consumer individuals surveyed by the Personal Data Protection Commission (PDPC) in 2018, two-thirds of them prefer to transact with organizations that have sound data protection regimes, and are more willing to share personal data with them.
organizations, too, recognised data protection as an important criterion when selecting a vendor to manage personal data on their behalf.
Nearly 80 per cent of over 1,500 industry representatives surveyed by the PDPC in 2018 noted that a data protection certification would significantly enhance brand image and boost consumer confidence.
Obtaining the DPTM certification demonstrates to customers that your organization has robust data protection policies and practices in place to safeguard their personal data.
This will help strengthen brand reputation, build trust and foster confidence in the business, raising your organization’s competitiveness both locally and overseas.
- DPTM provides assurance to your organization
A panel of three independent and professional Assessment Bodies has been appointed by IMDA for the DPTM certification scheme.
organizations applying for the certification can engage any one of them. Each Assessment Body has the competency to assess whether the applicants’ data protection practices are aligned to DPTM certification requirements and assist in identifying gaps that the organizations should address.
Having third-party certification can provide assurance to your organization because it helps to provide validation of its data protection practices.
This, in turn, will help your organization increase its data governance and protection standards, uncover potential weaknesses and enable it to take steps to mitigate risks.
- DPTM is aligned with international standards
While the DPTM is a domestic trustmark, its certification framework was developed based on adopting and aligning it with PDPA and incorporating elements of international benchmarks and best practices. This will help organizations that are operating globally to establish a baseline level of privacy protection across international markets.
It will also enable organizations to, in the future, more seamlessly attain both the DPTM and the APEC Cross-Border Privacy Rules (CBPR) or Privacy Recognition for Processors (PRP) system certifications.
organizations certified under the APEC CBPR or PRP systems will be able to legitimately transfer data across borders with participating APEC economies.
This will give overseas consumers and business partners confidence in your organization, especially those from countries with stringent data protection laws.
- Funding support for DPTM is available
For Singapore companies: Enterprise Singapore (ESG) is offering funding support through the Enterprise Development Grant (EDG) for some of the costs of DPTM certification and consultancy services.
For social service organizations: The National Council of Social Services (NCSS) is offering funding support for social service organizations through the NCSS organizational Development Grant (ODG).
For SMEs and NPOs: IMDA will waive the application fee for SMEs (small and medium-sized enterprises) and NPOs (non-profit organizations) till December 31, 2019.