The Prominent New Data Protection/Privacy Standards – ISO27001 and Data Protection Trustmark (DPTM)
Singapore’s Infocomm Media Development Authority launched the Data Protection Trustmark Certification (DPTM) to help increase the standard of personal data protection practices within Singapore organisations. Organisations can apply for DPTM if they want to strengthen their current data protection policies and practices.
Aside from investing in data protection courses, attaining the DPTM will also act as proof of the organisation’s trustworthy data protection practices. The DPTM was rolled out with the following crucial objectives in mind:
- So organisations can demonstrate accountable and sound data protection practices
- To promote and enhance consistency in data protection standards across all sectors
- To provide certified businesses with a competitive advantage
- To boost the confidence of consumers in the organisations’ management of their personal data
According to most Data Protection Officers (DPOs), there are three key reasons why pursuing the DPTM would be beneficial for any organisation:
- It can help set a standard to prepare for a regional compliance programme
- It can help act as a competitive advantage in tender considerations
- It can help those who are aiming to achieve a high level of data protection excellence as an organisation
However, despite the enticing benefits, many organisations are still not familiar with the qualification process, application procedures, and requirements.
Who Can Apply for DPTM
Any organisation recognised or formed under the laws of Singapore can apply for DPTM. Residents or people with an office of business based in Singapore can also apply. Eligibility also extends to organisations that have been under investigation by the PDPC or that have breached the PDPA.
Organisations can apply for DPTM given that they are willing to comply with certain conditions such as making an official declaration of all the investigations or breaches within the last two years prior to their date of application for the DPTM.
ISO/IEC 27701 is a global standard that is published by the International Organization for Standardization (ISO). It provides guidance to organisations that are establishing, implementing, maintaining, and continually improving their Privacy Information Management System (PIMS).
The risk of personal data breaches via security incidents has been steadily on the rise for many years. According to an analysis released by Chubb Limited, an insurance company, global cybersecurity incidents increased by a staggering 540%.
To address the various risks, business organisations need to implement a strong data protection management programme including information security.
The Benefits of ISO/IEC 27701 Certification
With the introduction of the EU GDPR as well as other data protection laws, organisations need to comply with different regulations and laws around the world. While security focuses on governing unauthorised access to information, privacy is all about governing any unauthorised access to data.
Below are some of the notable benefits of implementing ISO/IEC 27701 to the business:
- It establishes trust in the company. It minimises the risks to data privacy rights of data subjects. It also allows better management of privacy controls.
- It enhances protection from breaches. Organisations can minimise security incidents as well as their impact. It also ensures there is no harm done to the company’s reputation.
- It provides transparency to stakeholders including the customers. When there is transparency, customer trust and confidence are also improved.
- Organisations gain a competitive advantage and they can address the varying expectations of their customers as well as other interested parties.
- It assimilates smoothly with leading information management system standards.
- It facilitates partnerships with other organisations where international recognition of their conformity to international standards.