Data Protection and Data Trust Rating certifications for S’pore enterprises in the works
Data protection and digital trust are increasingly becoming important factors for companies and governments alike.
The Covid-19 pandemic has forced a majority of individuals online for entertainment, shopping, and remote work, increasing their cybersecurity risk profiles.
As such, it is ever more essential that users are assured that their personal data are protected and have a more fulfilling and smoother experience when accessing online services.
Last month, Singapore tech trade association SGTech announced the launch of a Digital Trust Committee formed by leading players in the tech and digital ecosystems in Singapore and the APAC region.
Recently, the organization announced that they would be embarking on a pilot for a new dual Data Trust Rating and Data Protection Certification in Singapore.
SGTech aims to accelerate Singapore’s digital transformation, basing its approach on trust as a differentiating foundational factor.
Singapore’s enterprises comprise 99% of SMEs, and SGTech opines that it is crucial that these players embrace digitalization quickly, and understand the strategic value of demonstrating trust to their stakeholders and customers.
As such, the dual certification by a recognized authority aims to be a means to verify and certify that enterprises are competent and well-poised to need the digital needs of users and customers.
SGTech’s participation in the pilot seeks to demonstrate to SMEs, especially its members, that size and scale of an enterprise would not be barriers to obtaining a credible certification. SGTech intends to highlight areas that can be refined and improved so SMEs can enjoy a smoother experience while obtaining the certification.
“The work that we do at SGTech involves handling sensitive personal and company data. We have had our sights on the Data Protection Trust Mark (DPTM) since its launch. We have been fine-tuning our practices and processes to ensure that we are up to the mark and can assure our members and partners that their data is safe in our hands,” said SGTech Chairman Wong Wai Meng.
“Participating in and getting dual certifications through this pilot allows us to demonstrate accountability to our stakeholders. We like that the Credence DTRS maturity rating considers aspects beyond compliance with an organization’s obligations under the PDPA – to its implementation, including business needs, risk profile, and risk management strategy.”
The pilot program was conceived by members of the Credence Committee and provides a digitalized way for organizations to prove the veracity of their internal processes and controls, in order to obtain two certifications – the Data Protection Trust Mark (DPTM) and a maturity rating using the Credence Data Trust Rating System (Credence DTRS).
While the DPTM certifies that an organization has put in place a data protection regime to comply with the obligations of the PDPA, the Credence DTRS complements the DPTM, extending to implementation details based on an organization’s line of business, corporate governance, risk profile, business needs, and strategy to effectively manage its risks.