Data Protection Trustmark Certification (DPTM)

WHAT IS DATA PROTECTION TRUSTMARK CERTIFICATION (DPTM)?

As part of advancing the digital economy strategy to allow Singapore to stand out as a trusted data hub with a well-developed data ecosystem that supports competition and innovation as well as the cross-border flow of data, the Info-communications Media Development Authority (IMDA) has developed the Data Protection Trustmark (DPTM) Certification to help organisations verify their conformance to personal data protection standards and best practices.

WHY IS DPTM IMPORTANT?

In an ever-changing technology landscape, the need to recognise the importance of protecting a company’s data is paramount. Today, consumers care more about data protection with the increasing scale of data breaches and hacks. To gain consumer confidence and trust, organisations now need to look at how it can better protect customers' data especially in relatively new areas like machine and artificial intelligence

TÜV SÜD HELPS YOU TO BOOST CONSUMER TRUST IN YOUR ORGANISATION’S DATA PROTECTION PRACTICES

TÜV SÜD PSB is a leading and internationally recognised Testing, Inspection and Certification (TIC) organisation with over 40 years of experience in certification and well-versed in both Personal Data Protection Act (PDPA) and General Data Protection Regulation (GDPR). Empanelled by Info-communications Media Development Authority (IMDA) as an assessment body for the DPTM certification, we help businesses like yours to validate and strengthen your data protection framework.

With Data Protection Trustmark (DPTM) certification, your business gains trust and fosters confidence among your customers and stakeholders as you demonstrate that you have adopted robust and accountable data protection practices.

DPTM ASSESSMENT WITH TÜV SÜD

As an data protection trustmark assessment body, our responsibilities include but are not limited to: 

• BRIEFING APPLICANTS ABOUT THE ASSESSMENT PROCESS FOR THE DPTM CERTIFICATION SCHEME
  Relevant personnel from TÜV SÜD will walk the applicant through the entire application and certification process. This will facilitate applicant to understand the journey to achieve certification.
  

• DETERMINING THE SCOPE OF DATA PROTECTION TRUSTMARK ASSESSMENT
  Various details pertaining to the organisation will be collected as a reference for assessor to determine the audit scope.
  

• CONDUCTING A DESKTOP REVIEW OF THE DOCUMENTS/EVIDENCE PROVIDED BY THE APPLICANT
  To effectively conduct the audit, there will be two stages of assessment: offsite documentation assessment & onsite certification assessment. Offsite assessment checks applicant’s documentation (e.g. policy, manual & procedure) to identify any lapses/gaps which may hinder the onsite assessment.
• CARRYING OUT AN ONSITE ASSESSMENT TO IDENTIFY GAPS WHICH ORGANISATIONS SHOULD ADDRESS
  Upon resolving the identified findings from offsite assessment, a scheduled onsite assessment will further verify the effectiveness of the system implementation by reviewing evidences, in sampling approach, that support what has been drafted in organisation’s policy, manual and procedure. Gaps identified during the onsite assessment will require further remediation from applicant. Evidences will be required by assessor to close the findings.
• PREPARING AN ASSESSMENT REPORT WITH OUR FINDINGS AND RECOMMENDATIONS TO IMDA
  After completion of assessment including any remediation, assessors will compile all information and make a final recommendation to IMDA for their certificate issuance decision.

Application fee waiver & Grant available for eligible organisations 

For more information on the application fee waiver and EDG, please visit the IMDA website here. 

View our customer compliments and testimonials