Skip to main content

Advertisement

Advertisement

More companies urged to apply for Data Protection Trustmark certification

SINGAPORE — Companies that want a third party to assess their data protection measures may join eight organisations that have already signed up for the pilot phase of a new certification scheme by the Infocomm Media Development Authority (IMDA) and the Personal Data Protection Commission (PDPC).

The scheme, called the Data Protection Trustmark, will allow consumers to immediately identify organisations that have sound data protection policies and practices.

The scheme, called the Data Protection Trustmark, will allow consumers to immediately identify organisations that have sound data protection policies and practices.

Follow TODAY on WhatsApp

SINGAPORE — Companies that want a third party to assess their data protection measures may join eight organisations that have already signed up for the pilot phase of a new certification scheme by the Infocomm Media Development Authority (IMDA) and the Personal Data Protection Commission (PDPC).

The scheme, called the Data Protection Trustmark, will allow consumers to immediately identify organisations that have sound data protection policies and practices.

The IMDA and PDPC believe it will give certified organisations a competitive edge.

Preschool Carpe Diem at ITE College Central, DBS Bank, Singtel and online grocer RedMart are among the eight organisations that have signed up for the certification.

The pilot phase will help the authorities to finalise the certification framework and process prior to its launch, expected at the end of this year.

Assessment is done by three independent bodies – ISOCert, Setsco Services and TUV SUD PSB – appointed by the IMDA. Fees start from S$1,400 and the certification process may take two months or more.

The independent bodies will submit their assessments to the IMDA for review and approval, and the IMDA will issue the Data Protection Trustmark if it is satisfied with the measures in place. The certification is valid for three years.

“The Data Protection Trustmark would be a visible badge of recognition for accountable and responsible data protection practices used by organisations, including appropriate data protection policies and practices, adequate measures to identify and address data protection risks, and a sound data breach management plan,” Minister for Communications and Information S Iswaran said on Wednesday (July 25) at the 6th Personal Data Protection Seminar.

The certification process will also assess how secure applicants' IT systems – where the personal data reside – are.

Data protection and cybersecurity came under the spotlight following the massive cyberattack on SingHealth which saw the personal information of 1.5 million patients stolen.

The trustmark incorporates relevant international data protection principles including that of the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data and the APEC Privacy Framework. It will enable the certified organisations to more seamlessly attain some international certifications.

Mr Eric Chung, DBS’ senior vice-president of financial crime and security services, said the trustmark will reinforce to customers that their “money and personal data is safe with us”.

He added: "Ultimately having a seal is not enough......it's really our day-to-day operations, how we show in our practices, in our interaction with customers, that we do value their personal data, we protect and use it responsibly."

The trustmark is open to all organisations based in Singapore and those interested to be part of the pilot may sign up by Sept 30.

Read more of the latest in

Advertisement

Advertisement

Stay in the know. Anytime. Anywhere.

Subscribe to get daily news updates, insights and must reads delivered straight to your inbox.

By clicking subscribe, I agree for my personal data to be used to send me TODAY newsletters, promotional offers and for research and analysis.