Be aware of scammers impersonating as IMDA officers and report any suspicious calls to the police. Please note that IMDA officers will never call you nor request for your personal information. For scam-related advice, please call the Anti-Scam helpline at 1800-722-6688 or go to www.scamalert.sg.

Shield above a tablet desktop

Data Protection Essentials (DPE)

About Data Protection Essentials

Data Protection Essentials Logo

The digital age and modern technology landscape makes it crucial for Small and Medium Enterprises (SMEs) to work towards prioritising data protection and strengthening their cybersecurity practices. The Data Protection Essentials (DPE) framework provides a baseline standard of data protection that SMEs can use to safeguard their customers’ personal data, build trust with their stakeholders and recover swiftly in the event of a data breach.

SMEs in Singapore are strongly encouraged to reference the DPE framework in their digitalisation journey to ensure that your organisation is handling customers’ personal data responsibly.

Data Protection Essentials in 7 steps

By following the framework and using the DPE Checklist, SMEs can easily implement basic data protection and security practices.

For SMEs that already have data protection measures in place, the checklist can also be used to verify if their existing systems are adequately protected.

These tools and resources developed by the Personal Data Protection Commission (PDPC) and Cyber Security Agency of Singapore (CSA) are available to help SMEs demonstrate greater accountability to their customers and enhance business competitiveness in the longer term:

Benefits of implementing the DPE Checklist

The DPE Checklist provides SMEs with guidance on data protection and cybersecurity best practices, bolstering their cyber resilience and response to cyber threats.

  • With a basic level of data protection and cybersecurity practices, organisations can safeguard their customers’ personal data and recover swiftly in the event of a data breach.
  • Should a data breach occur, the PDPC may consider an organisation’s implementation of the DPE framework favourably in deciding an enforcement outcome.

DPE solution providers

Need help in implementation? Approach any of the following service providers to kickstart your data protection and cybersecurity journey.

DPE service providers* Contact person Contact no Email
CyberSafe Pte Ltd
Dave Gurbani 8725 9789 info@cybersafe.sg
Greenwich Management Consultancy Pte Ltd
Michelle Chew 9876 6828 michelle@greenwich.com.sg
admin@greenwich.com.sg
Momentum Z Pte Ltd Shane Chiang 9681 2888 shane@mzt.one
PDataCare Consultancy Pte Ltd
Gn Chiang Soon 9616 8660 chiangsoon@pdatacare.com
RAYN Secure Pte Ltd Naresh Parshotam  88191426 naresh.parshotam@raynsecure.com
RSM Singapore
Hoi Wai Khin 9450 2678 hoiwaikhin@rsmsingapore.sg
TRS Forensics Pte Ltd Renee Tan 9297 1316 reneetan@trsforensics.com

* The following terms and conditions apply:

  • The cost of service will be advised by the service providers.
  • SMEs should exercise due care and judgement in selecting providers.
  • Any engagement of the service providers is strictly on a private basis between the service provider and the SMEs and IMDA is not a party to such an engagement.
  • The provider is not an employee, worker, agent, or partner of IMDA.
  • IMDA does not provide any guarantee in respect of, and is not responsible for, any service provided by the provider or any contract entered into with the provider.
  • Service implementation does not represent the SME’s full compliance with the PDPA.

Contact us

Office workers gathered around a laptop

Organisations that are interested in the DPE programme or to become a DPE service provider can write to us or call 6377 3800.

Find out more

LAST UPDATED: 17 MAY 2024

Explore more