Roll into the checklist for the Data Protection Trust Mark DPTM – The data security mark in Singapore
In Singapore there is a constant monitoring and control to prevent sharing of our personal data and most primarily our name, address, IC and the contact number. These are shared in various places for different purposes and the reason behind is we can always ‘stay connected’ with the world. In such a situation, companies need to ensure that your data are kept safe and secure and used with utmost responsibility.
To note: Start looking for an organization with sound data protection policies as in – Data Protection Trustmark (DPTM) assessed companies. The organizations certified with this DPTM will hold the data policies in such a way that they manage, protect and securely access your personal data as per the guidelines and framework of the certification.
The DPTM certification is adapted from the PDPA – Personal Data Protection Act and with all the international benchmarks and best practices, the organizations with DPTM certification will build a framework in such a way that they demonstrate accountability in the personal data that is used with proper protection and all disposal measures.
How does GQS help in DPTM ?
Global Quality Services will do all the document preparation and consultancy required and provides you the support for DPTM Trustmark certification to the organizations and ensures that they are mapped with the high end data protection policies and the practices that are associated in it too.
Since all these are related to the data protection activities, the policies are kept in robust manner and the comprehensive criteria tells the organization to,
- Align a trained data protection officer DPO to handle the data, monitor incidents and report.
- The use and disclosure of the data must be reasonable and must be obtained only with the consent of the person from whom it is collected
- The data must be appropriately used with all the protection, retention and disposal policies
- In the event of a data breach, there must be proper correction measures
“Learn to protect your data: Era to a starting point of big things”
You need to know about the checklist for the DPTM certification so that you can easily pick things for your implementation of DPTM !
You can use the checklist to mark completion of the tasks that are mentioned in the checklist and once everything is documented, you are ready to apply for the DPTM certification and most importantly ‘meeting all these will not neccessary map you with the DPTM certification’.
While going through the DPTM assessment, the organization must ensure that they are providing an evidence for the following:
- Documentation of the data protection policies and processes
- Applied benefits of all the data protection policies and processes which are implemented and practiced in a good way
Let’s tick your checklist now…
With the principle of governance and transparency, you need to establish the data protection policies and practices as in,
- Internal data protection policy and notice for the employees
- External data protection notices for the customers, job applicants, visitors and etc..,
- Agreement with the third party vendors for managing the organizations’ personal data
There must be a proper communication about the data protection policies to the internal and external stakeholders via proper platforms as in,
- Providing a privacy notice about the organizations’ policy with the service/product sign up form or any other forms
- Providing a data protection notice in the employment form and getting it signed from the employees
- Providing privacy notice about the organization in the job portal and the job application forms for the job applicants
- Providing third party agreements or other forms to the vendors as well
In accordance to the principle of management of personal data, the organization must provide,
- Appropriate purpose for the collection of personal data and get that notified to the concerned person
- Appropriate consent about the data protection notice on the website, employee notice and the organization must be clear and assessible in these notifications
- Appropriate use and disclosure of the documented policies and processes for the use and disclosure of the personal data
- Appropriate compliant with the transfer limitation obligation for the overseas transfer in case of engaging in activities to transfer the data to overseas
Must ensure the care of personal data by making,
- Appropriate protection as per the information security policy
- Proper retention and disposal for all the personal data in the possession
- Accurate and complete records to check for the inaccurate and out dated personal data
The organization must take care of the individual’s rights too by,
- Bringing into effect of the withdrawal of consent for the documented policies
- Providing access and correction rights to individuals and must maintain a record of all the correction requests from individuals too.
Understand and make a tick in this checklist before applying for the DPTM certification and GQS Singapore aims to foster this processes in the most effective way and brings you this certification with an accountable data protection practices that is to be implemented.
To Know More Drop an Email to [email protected]