January 16, 2018, 11:01 pm
Facebook iconTwitter iconYouTube iconGoogle+ icon

PH data privacy act’s impact to business

The Philippine government is serious about protecting the right to privacy of its citizens.  In 2012, it passed into law, the Philippine Data Privacy Act (Republic Act No. 10173) that aims to protect every individual’s information recorded on any IT and communication system in both government and private sectors. 

While it has been a law for the last 5 years, businesses and organizations are required to comply with it by September 9, 2017.  The National Privacy Commission (NPC) has been mandated to administer and implement the Data Privacy Act of 2012, and to monitor and ensure compliance of the country with international standards set for data protection.

The NPC said that they must comply with the following rules:

1. Appoint a Data Protection Officer (DPO)
2. Conduct Privacy Impact Assessment (PIA)
3. Create a Privacy Management Program (PMP)
4. Implement Privacy and Data Protection measures
5. Regularly Exercise Breach Reporting Procedures (BRP)

The Data Privacy Act protects everyone and covers not just SMEs but any organization that employs 250 people or handles more than a thousand customers in their database. Violators can be fined up to PhP5M for committing the acts penalized by the DPA.

It also helps prevent and mitigate identity theft and fraud which has been on the rise for the last several years. There are horror stories on how people lost their savings because someone stole their IDs and made with their money.

Some used their identity to make exorbitant purchases or took out huge loans. These victims ended up with huge debts. Interestingly, only a smart percentage of victims say they were victimized through online. Many more were victimized because they got their wallets stolen or someone used paperwork that contained confidential information.

The Data Privacy Act ensures that all organizations and businesses protect all private information they’ve accrued or will gather. 

Just how serious is the Philippine government with protecting the citizenry’s privacy rights? The NPC has called out one of the biggest government agencies and even large corporations that hold Personally Identifiable Information (PII) for privacy violations that were stated in the Data Privacy Act.
No votes yet

Column of the Day

The real chilling effect

By ABIGAIL VALTE | January 17,2018
‘Even the half-blind can see the pattern of coercion and elimination employed against those believed to be critical of the Mr. Duterte’s moves.’

Opinion of the Day

Despite corporate questions, Rappler case is a press freedom issue

By ELLEN TORDESILLAS | January 17, 2018
‘The decision of the Securities and Exchange Commission to void the registration of Rappler as a media entity is a press freedom issue.’