Tuesday, April 29, 2025
Subscribe
Corporate Business

NPC circulars strengthen data privacy protection

- Advertisement -

The National Privacy Commission (NPC) issued two circulars that would further strengthen personal data protection in the Philippines.

NPC Circular 2023-05 outlines the prerequisites for organizations and Certification Bodies (CBs) participating in the Philippine Privacy Mark (PPM) Certification Program, while the NPC Circular 2023-06 governs the security of personal data in the government and private sector.

“Through these circulars, the NPC aims to provide guidance to organizations in further complying with the Data Privacy Act of 2012, its implementing rules and regulations, and other issuances of the NPC,” said Privacy Commissioner John Henry D. Naga stated, The PPM Certification Program is an initiative by the NPC to assess public and private organizations to ensure the secure and protected processing of personal information in implementing their respective data privacy and protection management systems.

- Advertisement -

NPC Circular 2023-05 provides the prerequisites for certification of personal information controllers (PICs) or personal information processors (PIPs) and accreditation of CBs under the PPM Certification Program. A PIP seeking certification under the PPM Certification Program must be certified with ISO/IEC 27001 and ISO/IEC 27701 standards for Information Security Management Systems (ISMS) and Privacy Information Management System (PIMS) respectively. CBs must also meet these standards, along with ISO/IEC 17021-1 for accreditation.

The NPC Circular 2023-05 took effect on March 15.

NPC Circular 2023-06 or the Security of Personal Data in the Government and Private Sector provides updated requirements for the security of personal data processed by a PIC or PIP. To ensure data security, the circular enumerates the general obligations of a PIC or PIP which includes the designation and registration of a Data Protection officer, registration of data processing systems, conducting Privacy Impact Assessment Privacy Management Program, periodic training of personnel on privacy and data protection policies, and compliance with the orders of NPC.

Author

- Advertisement -
Previous article
DTI signs lease contract for Filinvest Buendia
Next article
PH, Czech Republic eye tie-ups in agri

Share post:

About us

Malaya Business Insight comes to you in a very readable package: A fusion of in-depth news, excellent news analyses, the credible prognosis of events, powerful commentaries and balanced updates on what is happening and about to happen in corporate board rooms, in the diverse business and industry sectors, in Philippine regional and global politics and in the exciting world of sports, arts, entertainment, and lifestyle.

© 2025 Malaya Business Insight.
All Rights Reserved.

Developed by Neitiviti Studios