Companies can apply to the Infocomm Media Development Authority (IMDA) to have their data protection systems certified under a pilot scheme launched yesterday by the authorities.
They can choose one of three independent bodies to carry out an assessment of their system: ISOCert, Setsco Services and TUV SUD PSB.
They will need to pay the orga-nisation an assessment fee of at least $1,400.
Companies whose system meets the standards of the Data Protection Trustmark (DPTM) certification can use and display a DPTM logo in their business communications for three years.
The certification scheme was announced last year as part of several initiatives to ensure that the data protection ecosystem in Singapore stays up to date.
The pilot run is to help regulator IMDA and data security watchdog Personal Data Protection Commission (PDPC) finalise the scheme's process and framework before the certification is rolled out officially by the end of this year.
A CULTURE OF ACCOUNTABILITY
While the Government will do its part to facilitate innovative and accountable data use, we strongly encourage organisations to put in place measures to do the same.
MINISTER FOR COMMUNICATIONS AND INFORMATION S. ISWARAN, who is also Minister-in-charge of Cyber Security, on the need for organisations to build consumer trust by developing a culture of accountability.
In a joint statement, IMDA and PDPC said the certification will give entities a competitive edge as it would help consumers identify organisations that have in place data protection policies and practices that are assessed independently.
The DPTM, which applies only to organisations based in Singapore, also incorporates relevant international data protection principles, such as the Asia-Pacific Economic Cooperation (Apec) Privacy Framework.
This will pave the way for organisations with the certification to attain international certification more seamlessly.
It will also give them another mechanism to legitimately transfer data across borders to other certified organisations in the participating Asia-Pacific economies, said the joint statement.
Yesterday, Minister for Communications and Information S. Iswaran said that for data protection, Singapore cannot rely only on the Personal Data Protection Act.
Organisations must develop a culture of accountability to build consumer trust, he told participants at the 6th Personal Data Protection Seminar.
Mr Iswaran, who is also Minister-in-charge of Cyber Security, said: "While the Government will do its part to facilitate innovative and accountable data use, we strongly encourage organisations to put in place measures to do the same."
Eight companies are already involved in the pilot. They include Singtel, DBS Bank, RedMart and Fullerton Healthcare Group.
Commenting on last week's SingHealth data breach, which was Singapore's worst cyber attack, Mr Iswaran reiterated in his speech that the PDPC will take into account the Committee of Inquiry's report in its assessment of any appropriate action to be taken.
He also said Singapore will not stop its Smart Nation efforts.
"We have started our Smart Nation journey, and we will continue to move forward to seize opportunities afforded by technology, even as we strengthen our systems, so as to build and sustain trust that we have painstakingly built up over the years," he added.
Organisations that want to participate in the pilot will need to sign up by Sept 30.