About Data Protection Essentials
The digital age and modern technology landscape makes it crucial for Small and Medium Enterprises (SMEs) to work towards prioritising data protection and strengthening their cybersecurity practices. The Data Protection Essentials (DPE) framework provides a baseline standard of data protection that SMEs can use to safeguard their customers’ personal data, build trust with their stakeholders and recover swiftly in the event of a data breach.
SMEs in Singapore are strongly encouraged to reference the DPE framework in their digitalisation journey to ensure that your organisation is handling customers’ personal data responsibly.
Data Protection Essentials in 7 steps
By following the framework and using the DPE Checklist, SMEs can easily implement basic data protection and security practices.
For SMEs that already have data protection measures in place, the checklist can also be used to verify if their existing systems are adequately protected.
These tools and resources developed by the Personal Data Protection Commission (PDPC) and Cyber Security Agency of Singapore (CSA) are available to help SMEs demonstrate greater accountability to their customers and enhance business competitiveness in the longer term:
- For cloud users: Use the Quickstart secure configuration guide (2.23MB) for Google Workspace and Microsoft 365 Office to mitigate common data breach risks.
- For data professionals: Download the DPE Checklist for specific tools and resources to guide you in implementing the DPE framework.
Benefits of implementing the DPE Checklist
The DPE Checklist provides SMEs with guidance on data protection and cybersecurity best practices, bolstering their cyber resilience and response to cyber threats.
- With a basic level of data protection and cybersecurity practices, organisations can safeguard their customers’ personal data and recover swiftly in the event of a data breach.
- Should a data breach occur, the PDPC may consider an organisation’s implementation of the DPE framework favourably in deciding an enforcement outcome.
DPE solution providers
Need help in implementation? Approach any of the following service providers to kickstart your data protection and cybersecurity journey.
DPE service providers* | Contact person | Contact no | |
---|---|---|---|
ATET Pte Ltd |
Daniel Goh | 6980 0702 | info@atetsecurity.com |
CyberSafe Pte Ltd |
Dave Gurbani | 8725 9789 | info@cybersafe.sg |
Greenwich Management Consultancy Pte Ltd |
Michelle Chew | 9876 6828 | michelle@greenwich.com.sg admin@greenwich.com.sg |
Momentum Z Pte Ltd | Shane Chiang | 9681 2888 | shane@mzt.one |
PDataCare Consultancy Pte Ltd |
Gn Chiang Soon | 9616 8660 | chiangsoon@pdatacare.com |
RAYN Secure Pte Ltd | Naresh Parshotam | 88191426 | naresh.parshotam@raynsecure.com |
RSM Singapore |
Hoi Wai Khin | 9450 2678 | hoiwaikhin@rsmsingapore.sg |
TRS Forensics Pte Ltd | Renee Tan | 9297 1316 | reneetan@trsforensics.com |
* The following terms and conditions apply:
- The cost of service will be advised by the service providers.
- SMEs should exercise due care and judgement in selecting providers.
- Any engagement of the service providers is strictly on a private basis between the service provider and the SMEs and IMDA is not a party to such an engagement.
- The provider is not an employee, worker, agent, or partner of IMDA.
- IMDA does not provide any guarantee in respect of, and is not responsible for, any service provided by the provider or any contract entered into with the provider.
- Service implementation does not represent the SME’s full compliance with the PDPA.
Contact us
Discover more
Learn more about related programmes and access materials to support your digitalisation journey.