5 reasons why organisations should get the Data Protection Trustmark

Obtaining the Data Protection Trustmark certification demonstrates to customers that your organisation has robust data protection policies and practices in place to safeguard their personal data.
Infocomm Media Development Authority

To thrive in our data-driven digital economy today, organisations have to win consumers’ trust not only by providing quality goods and services, but also by having sound and accountable data protection practices.

Organisations’ use of personal data in Singapore is currently governed under the Personal Data Protection Act 2012 (PDPA), which aims to safeguard individuals’ personal data against misuse and promote proper management of personal data in organisations.

If your organisation is already PDPA compliant, you can now go one step further to win consumer trust — by getting certified with Singapore’s Data Protection Trustmark (DPTM) certification.

Launched by the Info-communications Media Development Authority (IMDA) in January 2019, the DPTM certification establishes a robust data governance standard to help businesses increase their competitive advantage and build trust with their clients. It also aims to enhance and promote consistency in data protection standards across all sectors.

Application for DPTM certification is open to Singapore-based organisations that have put in place data protection policies and practices to comply with the obligations of the PDPA. Here are five reasons why your organisation should get the DPTM certification:

1. DPTM demonstrates your organisation’s accountable data protection practices

Through the DPTM, your organisation can now visibly communicate the soundness of your data protection policies and practices to your customers and stakeholders.

An organisation that has attained the DPTM certification can use the DPTM logo in its business communications and display the DPTM decal and DPTM certificate on its premises for the duration of the certification.

When consumers see the DPTM logo, they can immediately identify your organisation as a business with trustworthy data protection policies and practices.

2. DPTM increases your organisation’s competitive advantage

In today’s data-driven digital economy, consumer trust is essential if organisations want to effectively deploy innovative technology that makes use of personal data to deliver more personalised services.

Out of 1,500 consumer individuals surveyed by the Personal Data Protection Commission (PDPC) in 2018, two-thirds of them prefer to transact with organisations that have sound data protection regimes, and are more willing to share personal data with them.

Organisations, too, recognised data protection as an important criterion when selecting a vendor to manage personal data on their behalf.

Nearly 80 per cent of over 1,500 industry representatives surveyed by the PDPC in 2018 noted that a data protection certification would significantly enhance brand image and boost consumer confidence.

Obtaining the DPTM certification demonstrates to customers that your organisation has robust data protection policies and practices in place to safeguard their personal data.

This will help strengthen brand reputation, build trust and foster confidence in the business, raising your organisation’s competitiveness both locally and overseas.

3. DPTM provides assurance to your organisation

A panel of three independent and professional Assessment Bodies has been appointed by IMDA for the DPTM certification scheme.

Organisations applying for the certification can engage any one of them. Each Assessment Body has the competency to assess whether the applicants’ data protection practices are aligned to DPTM certification requirements and assist in identifying gaps that the organisations should address.

Having third-party certification can provide assurance to your organisation because it helps to provide validation of its data protection practices.

This, in turn, will help your organisation increase its data governance and protection standards, uncover potential weaknesses and enable it to take steps to mitigate risks.

4. DPTM is aligned with international standards

While the DPTM is a domestic trustmark, its certification framework was developed based on adopting and aligning it with PDPA and incorporating elements of international benchmarks and best practices. This will help organisations that are operating globally to establish a baseline level of privacy protection across international markets.

It will also enable organisations to, in the future, more seamlessly attain both the DPTM and the APEC Cross-Border Privacy Rules (CBPR) or Privacy Recognition for Processors (PRP) system certifications.

Organisations certified under the APEC CBPR or PRP systems will be able to legitimately transfer data across borders with participating APEC economies.

This will give overseas consumers and business partners confidence in your organisation, especially those from countries with stringent data protection laws.

5. Funding support for DPTM is available

For Singapore companies: Enterprise Singapore (ESG) is offering funding support through the Enterprise Development Grant (EDG) for some of the costs of DPTM certification and consultancy services.

For social service organisations: The National Council of Social Services (NCSS) is offering funding support for social service organisations through the NCSS Organisational Development Grant (ODG).

For SMEs and NPOs: IMDA will waive the application fee for SMEs (small and medium-sized enterprises) and NPOs (non-profit organisations) till December 31, 2019.

Learn more and apply at www.imda.gov.sg/dptm

Brought to you by IMDA and PDPC