WHAT IS DATA PROTECTION TRUSTMARK CERTIFICATION (DPTM)?
DPTM is an enterprise-wide certification that signifies an organisation’s commitment to upholding high standards of data protection.
The Data Protection Trustmark (DPTM), jointly developed by the Personal Data Protection Commission (PDPC) and the Infocomm Media Development Authority (IMDA), was introduced as a voluntary, enterprise-wide certification to evaluate an organisation’s data protection maturity through a structured governance audit.
In 2025, it has been formalised as Singapore Standard SS 714:2025, further strengthening its national recognition and credibility.
WHY IS DPTM IMPORTANT?
This Standard Aims To:
- Strengthen and demonstrate compliance with regulatory and legal requirements for personal data protection, while promoting organisational accountability.
- Enhance and drive consistency in data protection standards across industries.
- Offer certified businesses a competitive edge in the marketplace.
- Encourage transparency and accountability in data protection practices, fostering greater consumer trust in how organisations manage personal data.
KEY DATA PROTECTION PRINCIPLES
The standard covers the following principles applicable to organisations that manage personal data:
a) Governance and transparency
Appropriate data protection policies and practices (e.g., risk assessment, data breach management plan) for managing personal data, and the communication of these policies and practices to stakeholders.
b) Management of personal data
Appropriate procedures for obtaining consent to collect, use, and disclose data for appropriate purposes, including required notifications.
c) Care of personal data
Appropriate procedures for ensuring the security, accuracy, completeness, retention, and disposal of personal data.
d) Safeguarding individuals’ rights
Procedures enabling individuals to withdraw consent, access their personal data, and request corrections.
GICG HELPS YOU TO DEMONSTRATE ACCOUNTABLE DATA PROTECTION PRACTICES.
GICG is one of the leading and internationally recognised Testing, Inspection and Certification (TIC) organisation with over 30 years of experience in risk management and certification for Information Security and Data Protection management systems and training.
A DPTM certification from GICG shows that your organisation has a system and practices in place for ensuring that you meet the required data protection practices and builds confidence among your stakeholders and customers.
Prior to undergoing the audit for the certification requirements, organisations shall conduct a thorough self-assessment to ensure readiness and compliance with the necessary data protection measures.Â
The self-assessment can be performed using a series of internal checklists to evaluate the robustness of the processes and the completeness of the documentation. This self-assessment can also be performed with the assistance of external consultants.
Who should apply for DPTM SS 714:2025 certification?
DPTM SS 714:2025 certification is suitable for organisations of all sizes.