APEC Cross Border Privacy Rules (CBPR) & Privacy Recognition for Processors (PRP)
ISOCert is an approved Assessment Body by Infocomm Media Development Authority (IMDA) to support organizations in assessing their data protection practices is conform to the APEC Privacy Framework. Singapore recognises the APEC CBPR and PRP certifications for overseas transfers of personal data under the PDPA. This means that organisations in Singapore can easily transfer personal data to the overseas certified recipient without meeting additional requirements.
About CBPR Certification
APEC CBPR System was developed by APEC economies to build consumer, business and regulator trust in cross-border flows of personal data. This requires participating businesses to implement data privacy policies consistent with the APEC Privacy Framework and helps to bridge differing national privacy laws within the APEC region, reducing barriers to the flow of information for global trade. CBPR System applies to organisations (data controllers) that control the collection, holding, processing, or use of personal data
About PRP Certification
APEC Privacy Recognition for Processors (PRP) System was designed for organisations (data processors) who process data on behalf of client organisations (data controllers), to demonstrate their ability in providing effective implementation of a controller’s privacy requirements. The PRP certification is based on 2 of the 9 principles of APEC Privacy Framework: Security Safeguards and Accountability.
Announcement
Government supports on consultancy and assessment fee.
Funding Support (applicable for DPTM, CBPR and PRP certifications)
Eligible organisations can consider applying to Enterprise Singapore (ESG) to seek support for some of the costs for DPTM/CBPR/PRP certification and consultancy services. Eligible organisations applying for the Enterprise Development Grant (EDG) are entitled up to 50% government support for qualified project.
For more information, visit www.imda.gov.sg/dpcertifications.