About the Data Protection Essentials (DPE) Programme
The Data Protection Essentials (DPE) programme is a key initiative in promoting cyber security in Singapore and supports Small and Medium Enterprises (SMEs*) in acquiring a basic level of data protection and security practices to protect their customers’ personal data and recover quickly in the event of a data breach.
* SMEs are businesses (a) registered and operating in Singapore; and (b) have group annual sales turnover of not more than S$100 million per annum, or group employment size of not more than 200 employees.
What does it entail?
DPE consists of 2 products which SMEs can use to manage data protection risks:
|Newly incorporated SMEs||SMEs that collect and use personal data more intensively|
Foundational security solutions
Holistic one-stop professional service
Benefits of implementing one-stop professional service
SMEs who successfully implemented the holistic one-stop professional service and signed a minimum 1-year retainer will be Listed on IMDA’s website (150.89KB) and awarded the DPE logo (terms and conditions apply (244.44KB)) as a recognition of their efforts to put in place baseline data protection standard.
In the event of a data breach, the PDPC may consider a SME’s implementation of the DPE as a mitigating factor.
Sign up now!
SMEs can sign up for the foundational encryption and backup solutions (under Cybersecurity category) through the following Start Digital partners:
|Singtel||Business Protect Basic + Acronis Cloud Back Up|
One-stop professional service
The cost of professional service to implement baseline data protection standard starts from $2,500 for one-time setup. The retainer service cost will be advised by the service providers. SMEs can sign up with the following service providers.
Non-profit organisation (NPO, e.g. social service agency, charity, association) registered and operating in Singapore are welcomed to adopt.
|DPE service providers*||Contact person||Contact no|
|CyberSafe Pte Ltd
||Dave Gurbani||8725 email@example.com|
|Greenwich Management Consultancy Pte Ltd
||Michelle Chew||9876 firstname.lastname@example.org
|Momentum Z Pte Ltd||Shane Chiang||9681 email@example.com|
|PDataCare Consultancy Pte Ltd
||Gn Chiang Soon||9616 firstname.lastname@example.org|
||Hoi Wai Khin||9450 email@example.com
|TRS Forensics Pte Ltd||Tan Swee Wan||9755 firstname.lastname@example.org
- SME should exercise its own due care and judgement in its selection of any provider.
- IMDA is not a party to the contract between your organisation and the provider.
- The provider is not an employee, worker, agent or partner of IMDA.
- IMDA does not provide any guarantee in respect of and is not responsible for any service provided by the provider or any contract entered into with the provider.
- Implementing the one-stop professional service does not signify that the SME will be fully compliant with the PDPA.
For information on how to be a DPE Service Provider, please email to email@example.com
A fixed grant amount of $1,600 from IMDA is available for eligible SMEs through the IMDA grant that successfully implemented the DPE one-stop professional service. APPLY NOW before it ends on 31 March 2024. Conditions of grant apply.
Download the DPE information kit (427.13KB) for more details on DPE programme and the grants/claims process.
The following entities do not qualify for this grant support:
- Non-profit organisations (NPOs) including social service agencies (SSAs), charities and associations
- Eligible SSAs and charities can consider applying to the National Council of Social Service’s (NCSS) Tech-And-GO! Initiative for funding support.
Embark on your digitalisation journey with expert guidance from IMDA in Singapore
You can seek advice from CTO-as-a-Service for recommended DPE solutions and professional services.
You can also use CTO-as-a-Service to self-assess your digital readiness and access other supported solutions and resources to help you go digital, such as digital consultants for advisory and project management services.
Learn more at
What's next for SMEs?
SMEs can strive towards getting the Data Protection Trustmark (DPTM) certification as part of their data protection journey. As they increase their usage of data, data protection security becomes more critical than ever. The DPTM would help SMEs that are looking to build their brand with a third-party validation of their data protection regime which strengthens customer trust and increases their competitive edge. For more information about the DPTM, visit www.imda.gov.sg/dptm.
For queries, please email firstname.lastname@example.org or call 6377 3800.