SlideShare uma empresa Scribd logo

Data Privacy- Security of Sensitive Personal Information

JDP Consulting
JDP Consulting

Data Privacy Law applies to Government Agencies, particularly for the security of sensitive personal information. Summary: 1) Data Privacy Law applies to Government Offices. 2) Heads of Agencies are the ones primarily responsible for compliance. 3) Security clearance is required for Government Employees who are accessing sensitive personal information. 4) A request approved by the Head of the Agency is required prior to transportation or access off-site of sensitive personal information. 5) NPC registration is required for Government Contractors for contracts involving access or requiring senstive personal information from at least 1,000 individuals.

Direito
1 de 10
Baixar para ler offline
Security of Sensitive Personal Information in Government Basics of Philippine Data Privacy Law for Non-Lawyers
Applicability to Government The Data Privacy Law expressly and specifically provides for the applicability of the provisions to Government Agencies. Accordingly, heads of agencies are made primarily responsible for ensuring that their offices are compliant with the security of sensitive personal information that are in their control or custody. Reference: Section 22, R.A. 10173
Responsibility: Heads of Agencies All sensitive personal information maintained by the government, its agencies and instrumentalities shall be secured, as far as practicable, with the use of the most appropriate standard recognized by the information and communications technology industry, and as recommended by the Commission. The head of each government agency or instrumentality shall be responsible for complying with the security requirements mentioned herein while the Commission shall monitor the compliance and may recommend the necessary action in order to satisfy the minimum standards. The heads of agencies are made primarily responsible for compliance with the security requirements set by the Data Privacy Law. The NPC has the authority to monitory compliance and recommend to the agency the necessary to action to comply with the minimum standards. Reference: Section 23, R.A. 10173
Responsibility: Heads of Agencies (a) On-site and Online Access – Except as may be allowed through guidelines to be issued by the Commission, no employee of the government shall have access to sensitive personal information on government property or through online facilities unless the employee has received a security clearance from the head of the source agency. Sensitive personal information with the Government is required to be maintained as strictly confidential and only for those authorized to access them. Accordingly, security clearance is required before a Government employee may be able to access these sensitive personal information. Reference: Section 23, R.A. 10173
Responsibility: Heads of Agencies (b) Off-site Access – Unless otherwise provided in guidelines to be issued by the Commission, sensitive personal information maintained by an agency may not be transported or accessed from a location off government property unless a request for such transportation or access is submitted and approved by the head of the agency in accordance with the following guidelines: (1) Deadline for Approval or Disapproval – In the case of any request submitted to the head of an agency, such head of the agency shall approve or disapprove the request within two (2) business days after the date of submission of the request. In case there is no action by the head of the agency, then such request is considered disapproved; Reference: Section 23, R.A. 10173
Responsibility: Heads of Agencies (2) Limitation to One thousand (1,000) Records – If a request is approved, the head of the agency shall limit the access to not more than one thousand (1,000) records at a time; and (3) Encryption – Any technology used to store, transport or access sensitive personal information for purposes of off-site access approved under this subsection shall be secured by the use of the most secure encryption standard recognized by the Commission. Transportation or access off-site of sensitive personal information with the Government requires an approved request by the head of agency. Further, a 1,000 records at a time limitation is imposed. Most secure encryption standard is required of the technology to be used. Reference: Section 23, R.A. 10173
Government Contractors In entering into any contract that may involve accessing or requiring sensitive personal information from one thousand (1,000) or more individuals, an agency shall require a contractor and its employees to register their personal information processing system with the Commission in accordance with this Act and to comply with the other provisions of this Act including the immediately preceding section, in the same manner as agencies and government employees comply with such requirements. Government contractors and their employees have to register their Personal Information Processing System with the National Privacy Commission – if their contracts involve accessing or requiring sensitive personal information from 1,000 or more individuals. Reference: Section 24, R.A. 10173
Summary 1) Data Privacy Law applies to Government Offices. 2) Heads of Agencies are the ones primarily responsible for compliance. 3) Security clearance is required for Government Employees who are accessing sensitive personal information. 4) A request approved by the Head of the Agency is required prior to transportation or access off-site of sensitive personal information. 5) NPC registration is required for Government Contractors for contracts involving access or requiring senstive personal information from at least 1,000 individuals.
Basics of Philippine Data Privacy Law for Non-Lawyers Atty. Jericho B. Del Puerto SME Business Lawyer For inquiries, comment, or permission to use slides, send us an email : info@jdpconsulting.ph. Security of Sensitive Personal Information in Government
Data Privacy- Security of Sensitive Personal Information

Recomendados

Data privacy act
Data privacy actData privacy act
Data privacy actansherina erika dejan
 
Data Privacy Act of 2012.pptx
Data Privacy Act of 2012.pptxData Privacy Act of 2012.pptx
Data Privacy Act of 2012.pptxCeresMargaretMangibi
 
Data Privacy - Security of Personal Information
Data Privacy - Security of Personal InformationData Privacy - Security of Personal Information
Data Privacy - Security of Personal InformationJDP Consulting
 
Information security.pptx
Information security.pptxInformation security.pptx
Information security.pptxGovt. P.G. College Sendhwa, Barwani (M.P.)
 
Data Privacy Act of 2012 (R.A. 10173) Briefing 2017
Data Privacy Act of 2012 (R.A. 10173) Briefing 2017Data Privacy Act of 2012 (R.A. 10173) Briefing 2017
Data Privacy Act of 2012 (R.A. 10173) Briefing 2017Jay Castillo
 
A brief introduction to hipaa compliance
A brief introduction to hipaa complianceA brief introduction to hipaa compliance
A brief introduction to hipaa compliancePrince George
 
27001.pptx
27001.pptx27001.pptx
27001.pptxAvniJain836319
 
Ethical Issues and Relevant Laws on Computing
Ethical Issues and Relevant Laws on ComputingEthical Issues and Relevant Laws on Computing
Ethical Issues and Relevant Laws on ComputingLaguna State Polytechnic University
 

Recomendados

Data privacy act
Data privacy actData privacy act
Data privacy actansherina erika dejan
 
Data Privacy Act of 2012.pptx
Data Privacy Act of 2012.pptxData Privacy Act of 2012.pptx
Data Privacy Act of 2012.pptxCeresMargaretMangibi
 
Data Privacy - Security of Personal Information
Data Privacy - Security of Personal InformationData Privacy - Security of Personal Information
Data Privacy - Security of Personal InformationJDP Consulting
 
Information security.pptx
Information security.pptxInformation security.pptx
Information security.pptxGovt. P.G. College Sendhwa, Barwani (M.P.)
 
Data Privacy Act of 2012 (R.A. 10173) Briefing 2017
Data Privacy Act of 2012 (R.A. 10173) Briefing 2017Data Privacy Act of 2012 (R.A. 10173) Briefing 2017
Data Privacy Act of 2012 (R.A. 10173) Briefing 2017Jay Castillo
 
A brief introduction to hipaa compliance
A brief introduction to hipaa complianceA brief introduction to hipaa compliance
A brief introduction to hipaa compliancePrince George
 
27001.pptx
27001.pptx27001.pptx
27001.pptxAvniJain836319
 
Ethical Issues and Relevant Laws on Computing
Ethical Issues and Relevant Laws on ComputingEthical Issues and Relevant Laws on Computing
Ethical Issues and Relevant Laws on ComputingLaguna State Polytechnic University
 
Information Assurance And Security - Chapter 3 - Lesson 1
Information Assurance And Security - Chapter 3 - Lesson 1Information Assurance And Security - Chapter 3 - Lesson 1
Information Assurance And Security - Chapter 3 - Lesson 1MLG College of Learning, Inc
 
Data Privacy Protection Competrency Guide by a Data Subject
Data Privacy Protection Competrency Guide by a Data SubjectData Privacy Protection Competrency Guide by a Data Subject
Data Privacy Protection Competrency Guide by a Data SubjectJohn Macasio
 
Lesson 1
Lesson 1Lesson 1
Lesson 1MLG College of Learning, Inc
 
Philippine Data Privacy Act of 2012 (RA 10173)
Philippine Data Privacy Act of 2012 (RA 10173)Philippine Data Privacy Act of 2012 (RA 10173)
Philippine Data Privacy Act of 2012 (RA 10173)Kirk Go
 
Ethics in IT Security
Ethics in IT SecurityEthics in IT Security
Ethics in IT Securitymtvvvv
 
Introduction to the management of information security
Introduction to the management of information security Introduction to the management of information security
Introduction to the management of information security Sammer Qader
 
Chap 4 (1)
Chap 4 (1)Chap 4 (1)
Chap 4 (1)UNIVERSITAS TEKNOKRAT INDONESIA
 
Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104
Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104 Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104
Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104 Upekha Vandebona
 
Article IV
Article IVArticle IV
Article IVErika Embing
 
Basic Data Privacy for Non Lawyers
Basic Data Privacy for Non LawyersBasic Data Privacy for Non Lawyers
Basic Data Privacy for Non LawyersJDP Consulting
 
Information Security at the Workplace
Information Security at the WorkplaceInformation Security at the Workplace
Information Security at the WorkplaceJohn Macasio
 
Information Technology policy
Information Technology policyInformation Technology policy
Information Technology policymarindi
 
Defence in Depth Architectural Decisions
Defence in Depth Architectural DecisionsDefence in Depth Architectural Decisions
Defence in Depth Architectural DecisionsPeter Rawsthorne
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...PECB
 
Data Privacy - Rights of the Data Subject
Data Privacy - Rights of the Data SubjectData Privacy - Rights of the Data Subject
Data Privacy - Rights of the Data SubjectJDP Consulting
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security elmuhammadmuhammad
 
PDPA Compliance Preparation
PDPA Compliance PreparationPDPA Compliance Preparation
PDPA Compliance PreparationLawPlus Ltd.
 
The 1987 Constitution of the Republic of the Philippines - Reported by: Nels...
The 1987 Constitution of the Republic of the Philippines - Reported by: Nels...The 1987 Constitution of the Republic of the Philippines - Reported by: Nels...
The 1987 Constitution of the Republic of the Philippines - Reported by: Nels...Jay Gonzales
 
Information Security Blueprint
Information Security BlueprintInformation Security Blueprint
Information Security BlueprintZefren Edior
 
Privacy and Data Protection
Privacy and Data ProtectionPrivacy and Data Protection
Privacy and Data ProtectionDirectorate of Information Security | Ditjen Aptika
 
Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...
Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...
Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...Terrance Tong
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Russell_Kennedy
 

Mais conteúdo relacionado

Mais procurados

Information Assurance And Security - Chapter 3 - Lesson 1
Information Assurance And Security - Chapter 3 - Lesson 1Information Assurance And Security - Chapter 3 - Lesson 1
Information Assurance And Security - Chapter 3 - Lesson 1MLG College of Learning, Inc
 
Data Privacy Protection Competrency Guide by a Data Subject
Data Privacy Protection Competrency Guide by a Data SubjectData Privacy Protection Competrency Guide by a Data Subject
Data Privacy Protection Competrency Guide by a Data SubjectJohn Macasio
 
Philippine Data Privacy Act of 2012 (RA 10173)
Philippine Data Privacy Act of 2012 (RA 10173)Philippine Data Privacy Act of 2012 (RA 10173)
Philippine Data Privacy Act of 2012 (RA 10173)Kirk Go
 
Ethics in IT Security
Ethics in IT SecurityEthics in IT Security
Ethics in IT Securitymtvvvv
 
Introduction to the management of information security
Introduction to the management of information security Introduction to the management of information security
Introduction to the management of information security Sammer Qader
 
Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104
Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104 Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104
Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104 Upekha Vandebona
 
Basic Data Privacy for Non Lawyers
Basic Data Privacy for Non LawyersBasic Data Privacy for Non Lawyers
Basic Data Privacy for Non LawyersJDP Consulting
 
Information Security at the Workplace
Information Security at the WorkplaceInformation Security at the Workplace
Information Security at the WorkplaceJohn Macasio
 
Information Technology policy
Information Technology policyInformation Technology policy
Information Technology policymarindi
 
Defence in Depth Architectural Decisions
Defence in Depth Architectural DecisionsDefence in Depth Architectural Decisions
Defence in Depth Architectural DecisionsPeter Rawsthorne
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...PECB
 
Data Privacy - Rights of the Data Subject
Data Privacy - Rights of the Data SubjectData Privacy - Rights of the Data Subject
Data Privacy - Rights of the Data SubjectJDP Consulting
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security elmuhammadmuhammad
 
PDPA Compliance Preparation
PDPA Compliance PreparationPDPA Compliance Preparation
PDPA Compliance PreparationLawPlus Ltd.
 
The 1987 Constitution of the Republic of the Philippines - Reported by: Nels...
The 1987 Constitution of the Republic of the Philippines - Reported by: Nels...The 1987 Constitution of the Republic of the Philippines - Reported by: Nels...
The 1987 Constitution of the Republic of the Philippines - Reported by: Nels...Jay Gonzales
 
Information Security Blueprint
Information Security BlueprintInformation Security Blueprint
Information Security BlueprintZefren Edior
 

Mais procurados (20)

Information Assurance And Security - Chapter 3 - Lesson 1
Information Assurance And Security - Chapter 3 - Lesson 1Information Assurance And Security - Chapter 3 - Lesson 1
Information Assurance And Security - Chapter 3 - Lesson 1
 
Data Privacy Protection Competrency Guide by a Data Subject
Data Privacy Protection Competrency Guide by a Data SubjectData Privacy Protection Competrency Guide by a Data Subject
Data Privacy Protection Competrency Guide by a Data Subject
 
Lesson 1
Lesson 1Lesson 1
Lesson 1
 
Philippine Data Privacy Act of 2012 (RA 10173)
Philippine Data Privacy Act of 2012 (RA 10173)Philippine Data Privacy Act of 2012 (RA 10173)
Philippine Data Privacy Act of 2012 (RA 10173)
 
Ethics in IT Security
Ethics in IT SecurityEthics in IT Security
Ethics in IT Security
 
Introduction to the management of information security
Introduction to the management of information security Introduction to the management of information security
Introduction to the management of information security
 
Chap 4 (1)
Chap 4 (1)Chap 4 (1)
Chap 4 (1)
 
Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104
Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104 Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104
Chapter 08 – Data Protection, Privacy and Freedom of Information - BIT IT5104
 
Article IV
Article IVArticle IV
Article IV
 
Basic Data Privacy for Non Lawyers
Basic Data Privacy for Non LawyersBasic Data Privacy for Non Lawyers
Basic Data Privacy for Non Lawyers
 
Information Security at the Workplace
Information Security at the WorkplaceInformation Security at the Workplace
Information Security at the Workplace
 
Information Technology policy
Information Technology policyInformation Technology policy
Information Technology policy
 
Defence in Depth Architectural Decisions
Defence in Depth Architectural DecisionsDefence in Depth Architectural Decisions
Defence in Depth Architectural Decisions
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
 
Data Privacy - Rights of the Data Subject
Data Privacy - Rights of the Data SubjectData Privacy - Rights of the Data Subject
Data Privacy - Rights of the Data Subject
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security
 
PDPA Compliance Preparation
PDPA Compliance PreparationPDPA Compliance Preparation
PDPA Compliance Preparation
 
The 1987 Constitution of the Republic of the Philippines - Reported by: Nels...
The 1987 Constitution of the Republic of the Philippines - Reported by: Nels...The 1987 Constitution of the Republic of the Philippines - Reported by: Nels...
The 1987 Constitution of the Republic of the Philippines - Reported by: Nels...
 
Information Security Blueprint
Information Security BlueprintInformation Security Blueprint
Information Security Blueprint
 
Privacy and Data Protection
Privacy and Data ProtectionPrivacy and Data Protection
Privacy and Data Protection
 

Semelhante a Data Privacy- Security of Sensitive Personal Information

Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...
Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...
Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...Terrance Tong
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Russell_Kennedy
 
ENVIRONMENT MANAGEMENT AND HUMAN RIGHTS.pptx
ENVIRONMENT MANAGEMENT AND HUMAN RIGHTS.pptxENVIRONMENT MANAGEMENT AND HUMAN RIGHTS.pptx
ENVIRONMENT MANAGEMENT AND HUMAN RIGHTS.pptxKuriakoseBaby1
 
The Proposed Trade Marks (1st Amendment) Rules, 2024
The Proposed Trade Marks (1st Amendment) Rules, 2024The Proposed Trade Marks (1st Amendment) Rules, 2024
The Proposed Trade Marks (1st Amendment) Rules, 2024BananaIP Counsels
 
Duites and Responsibilities of Public Information Officer under the Right To ...
Duites and Responsibilities of Public Information Officer under the Right To ...Duites and Responsibilities of Public Information Officer under the Right To ...
Duites and Responsibilities of Public Information Officer under the Right To ...ParthSagdeo2
 
The electricity 2003_si_21_pdf_18762
The electricity 2003_si_21_pdf_18762The electricity 2003_si_21_pdf_18762
The electricity 2003_si_21_pdf_18762Sandeep Bhowmick
 
Data Privacy - Penalties for Non-Compliance
Data Privacy - Penalties for Non-ComplianceData Privacy - Penalties for Non-Compliance
Data Privacy - Penalties for Non-ComplianceJDP Consulting
 
Private Security Agencies Regulation Act 2005
Private Security Agencies Regulation Act 2005Private Security Agencies Regulation Act 2005
Private Security Agencies Regulation Act 2005Capt Rajeshwar singh
 
FOI reply from MoJ regarding meetings between Grayling and BFG representatives
FOI reply from MoJ regarding meetings between Grayling and BFG representativesFOI reply from MoJ regarding meetings between Grayling and BFG representatives
FOI reply from MoJ regarding meetings between Grayling and BFG representativesbjknight
 
Rti rules 2017-draft-dopt circular-1 5-2016-ir-31032017
Rti rules 2017-draft-dopt circular-1 5-2016-ir-31032017Rti rules 2017-draft-dopt circular-1 5-2016-ir-31032017
Rti rules 2017-draft-dopt circular-1 5-2016-ir-31032017Raviforjustice Raviforjustice
 
Data Protection Bill 2019 Participative Role of General Public
Data Protection Bill 2019 Participative Role of General PublicData Protection Bill 2019 Participative Role of General Public
Data Protection Bill 2019 Participative Role of General Publicijtsrd
 
Help direct-enforcement-notice
Help direct-enforcement-noticeHelp direct-enforcement-notice
Help direct-enforcement-noticeVanessa L garcia
 
Takedown Notices - How Do ISPs Handle Copyright Infringement Claims in Vietna...
Takedown Notices - How Do ISPs Handle Copyright Infringement Claims in Vietna...Takedown Notices - How Do ISPs Handle Copyright Infringement Claims in Vietna...
Takedown Notices - How Do ISPs Handle Copyright Infringement Claims in Vietna...KenfoxLaw
 
All_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfAll_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfJakeAldrinDegala1
 

Semelhante a Data Privacy- Security of Sensitive Personal Information (20)

Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...
Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...
Strengthening the Great Cyber-Wall of China — An Effort in Protecting the Mas...
 
Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)Privacy and Data Protection Act 2014 (VIC)
Privacy and Data Protection Act 2014 (VIC)
 
Information Technology Act 2000
Information Technology Act 2000Information Technology Act 2000
Information Technology Act 2000
 
FOI Executive Order (Freedom of Information)
FOI Executive Order (Freedom of Information) FOI Executive Order (Freedom of Information)
FOI Executive Order (Freedom of Information)
 
ENVIRONMENT MANAGEMENT AND HUMAN RIGHTS.pptx
ENVIRONMENT MANAGEMENT AND HUMAN RIGHTS.pptxENVIRONMENT MANAGEMENT AND HUMAN RIGHTS.pptx
ENVIRONMENT MANAGEMENT AND HUMAN RIGHTS.pptx
 
The Proposed Trade Marks (1st Amendment) Rules, 2024
The Proposed Trade Marks (1st Amendment) Rules, 2024The Proposed Trade Marks (1st Amendment) Rules, 2024
The Proposed Trade Marks (1st Amendment) Rules, 2024
 
Duites and Responsibilities of Public Information Officer under the Right To ...
Duites and Responsibilities of Public Information Officer under the Right To ...Duites and Responsibilities of Public Information Officer under the Right To ...
Duites and Responsibilities of Public Information Officer under the Right To ...
 
The electricity 2003_si_21_pdf_18762
The electricity 2003_si_21_pdf_18762The electricity 2003_si_21_pdf_18762
The electricity 2003_si_21_pdf_18762
 
Anti red tape act (1)
Anti red tape act (1)Anti red tape act (1)
Anti red tape act (1)
 
Data Privacy - Penalties for Non-Compliance
Data Privacy - Penalties for Non-ComplianceData Privacy - Penalties for Non-Compliance
Data Privacy - Penalties for Non-Compliance
 
Private Security Agencies Regulation Act 2005
Private Security Agencies Regulation Act 2005Private Security Agencies Regulation Act 2005
Private Security Agencies Regulation Act 2005
 
Rti act
Rti actRti act
Rti act
 
FOI reply from MoJ regarding meetings between Grayling and BFG representatives
FOI reply from MoJ regarding meetings between Grayling and BFG representativesFOI reply from MoJ regarding meetings between Grayling and BFG representatives
FOI reply from MoJ regarding meetings between Grayling and BFG representatives
 
Rti rules 2017-draft-dopt circular-1 5-2016-ir-31032017
Rti rules 2017-draft-dopt circular-1 5-2016-ir-31032017Rti rules 2017-draft-dopt circular-1 5-2016-ir-31032017
Rti rules 2017-draft-dopt circular-1 5-2016-ir-31032017
 
Data Protection Bill 2019 Participative Role of General Public
Data Protection Bill 2019 Participative Role of General PublicData Protection Bill 2019 Participative Role of General Public
Data Protection Bill 2019 Participative Role of General Public
 
Help direct-enforcement-notice
Help direct-enforcement-noticeHelp direct-enforcement-notice
Help direct-enforcement-notice
 
Rti rules 2017-redrafted by rti activist
Rti rules 2017-redrafted by rti activistRti rules 2017-redrafted by rti activist
Rti rules 2017-redrafted by rti activist
 
Rti
RtiRti
Rti
 
Takedown Notices - How Do ISPs Handle Copyright Infringement Claims in Vietna...
Takedown Notices - How Do ISPs Handle Copyright Infringement Claims in Vietna...Takedown Notices - How Do ISPs Handle Copyright Infringement Claims in Vietna...
Takedown Notices - How Do ISPs Handle Copyright Infringement Claims in Vietna...
 
All_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfAll_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdf
 

Mais de JDP Consulting

Philippine Franchising Law
Philippine Franchising LawPhilippine Franchising Law
Philippine Franchising LawJDP Consulting
 
What is Control in Contracting and Subcontracting?
What is Control in Contracting and Subcontracting?What is Control in Contracting and Subcontracting?
What is Control in Contracting and Subcontracting?JDP Consulting
 
DOLE D.O. 174-17 vs. DOLE D.O. 18-A-11
DOLE D.O. 174-17 vs. DOLE D.O. 18-A-11DOLE D.O. 174-17 vs. DOLE D.O. 18-A-11
DOLE D.O. 174-17 vs. DOLE D.O. 18-A-11JDP Consulting
 
Special Leave for Women
Special Leave for WomenSpecial Leave for Women
Special Leave for WomenJDP Consulting
 
Service Incentive Leave
Service Incentive LeaveService Incentive Leave
Service Incentive LeaveJDP Consulting
 
Night Shift Differential Pay
Night Shift Differential PayNight Shift Differential Pay
Night Shift Differential PayJDP Consulting
 

Mais de JDP Consulting (20)

Philippine Franchising Law
Philippine Franchising LawPhilippine Franchising Law
Philippine Franchising Law
 
Unfair Labor Practice
Unfair Labor PracticeUnfair Labor Practice
Unfair Labor Practice
 
DOLE D.O. 147-15
DOLE D.O. 147-15DOLE D.O. 147-15
DOLE D.O. 147-15
 
What is Control in Contracting and Subcontracting?
What is Control in Contracting and Subcontracting?What is Control in Contracting and Subcontracting?
What is Control in Contracting and Subcontracting?
 
DOLE D.O. 174-17 vs. DOLE D.O. 18-A-11
DOLE D.O. 174-17 vs. DOLE D.O. 18-A-11DOLE D.O. 174-17 vs. DOLE D.O. 18-A-11
DOLE D.O. 174-17 vs. DOLE D.O. 18-A-11
 
Pag-IBIG Benefits
Pag-IBIG BenefitsPag-IBIG Benefits
Pag-IBIG Benefits
 
SSS Benefits
SSS BenefitsSSS Benefits
SSS Benefits
 
PhilHealth Benefits
PhilHealth BenefitsPhilHealth Benefits
PhilHealth Benefits
 
ECC Benefits
ECC BenefitsECC Benefits
ECC Benefits
 
Retirement Pay
Retirement PayRetirement Pay
Retirement Pay
 
Separation Pay
Separation PaySeparation Pay
Separation Pay
 
13th Month Pay
13th Month Pay13th Month Pay
13th Month Pay
 
Special Leave for Women
Special Leave for WomenSpecial Leave for Women
Special Leave for Women
 
VAWC Leave
VAWC LeaveVAWC Leave
VAWC Leave
 
Solo Parental Leave
Solo Parental LeaveSolo Parental Leave
Solo Parental Leave
 
Paternity Leave
Paternity LeavePaternity Leave
Paternity Leave
 
Service Incentive Leave
Service Incentive LeaveService Incentive Leave
Service Incentive Leave
 
Service Charges
Service ChargesService Charges
Service Charges
 
Night Shift Differential Pay
Night Shift Differential PayNight Shift Differential Pay
Night Shift Differential Pay
 
Overtime Pay
Overtime PayOvertime Pay
Overtime Pay
 

Último

IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptxIBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptxRRR Chambers
 
CAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction FailsCAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction FailsAurora Consulting
 
Debt Collection in India - General Procedure
Debt Collection in India - General ProcedureDebt Collection in India - General Procedure
Debt Collection in India - General ProcedureBridgeWest.eu
 
CALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual serviceanilsa9823
 
WhatsApp 📞 8448380779 ✅Call Girls In Nangli Wazidpur Sector 135 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Nangli Wazidpur Sector 135 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Nangli Wazidpur Sector 135 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Nangli Wazidpur Sector 135 ( Noida)Delhi Call girls
 
LITERAL RULE OF INTERPRETATION - PRIMARY RULE
LITERAL RULE OF INTERPRETATION - PRIMARY RULELITERAL RULE OF INTERPRETATION - PRIMARY RULE
LITERAL RULE OF INTERPRETATION - PRIMARY RULEsreeramsaipranitha
 
Human Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptxHuman Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptxfilippoluciani9
 
如何办理(MSU文凭证书)密歇根州立大学毕业证学位证书
如何办理(MSU文凭证书)密歇根州立大学毕业证学位证书 如何办理(MSU文凭证书)密歇根州立大学毕业证学位证书
如何办理(MSU文凭证书)密歇根州立大学毕业证学位证书Sir Lt
 
589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdfSUSHMITAPOTHAL
 
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhaiShashankKumar441258
 
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptxMunicipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptxSHIVAMGUPTA671167
 
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书Fs Las
 
一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书E LSS
 
COPYRIGHTS - PPT 01.12.2023 part- 2.pptx
COPYRIGHTS - PPT 01.12.2023 part- 2.pptxCOPYRIGHTS - PPT 01.12.2023 part- 2.pptx
COPYRIGHTS - PPT 01.12.2023 part- 2.pptxRRR Chambers
 
Introduction to Corruption, definition, types, impact and conclusion
Introduction to Corruption, definition, types, impact and conclusionIntroduction to Corruption, definition, types, impact and conclusion
Introduction to Corruption, definition, types, impact and conclusionAnuragMishra811030
 
Negotiable Instruments Act 1881.UNDERSTAND THE LAW OF 1881
Negotiable Instruments Act 1881.UNDERSTAND THE LAW OF 1881Negotiable Instruments Act 1881.UNDERSTAND THE LAW OF 1881
Negotiable Instruments Act 1881.UNDERSTAND THE LAW OF 1881mayurchatre90
 

Último (20)

IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptxIBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
 
CAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction FailsCAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction Fails
 
Old Income Tax Regime Vs New Income Tax Regime
Old Income Tax Regime Vs New Income Tax RegimeOld Income Tax Regime Vs New Income Tax Regime
Old Income Tax Regime Vs New Income Tax Regime
 
Debt Collection in India - General Procedure
Debt Collection in India - General ProcedureDebt Collection in India - General Procedure
Debt Collection in India - General Procedure
 
CALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Singar Nagar Lucknow best sexual service
 
WhatsApp 📞 8448380779 ✅Call Girls In Nangli Wazidpur Sector 135 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Nangli Wazidpur Sector 135 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Nangli Wazidpur Sector 135 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Nangli Wazidpur Sector 135 ( Noida)
 
LITERAL RULE OF INTERPRETATION - PRIMARY RULE
LITERAL RULE OF INTERPRETATION - PRIMARY RULELITERAL RULE OF INTERPRETATION - PRIMARY RULE
LITERAL RULE OF INTERPRETATION - PRIMARY RULE
 
Human Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptxHuman Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptx
 
如何办理(MSU文凭证书)密歇根州立大学毕业证学位证书
如何办理(MSU文凭证书)密歇根州立大学毕业证学位证书 如何办理(MSU文凭证书)密歇根州立大学毕业证学位证书
如何办理(MSU文凭证书)密歇根州立大学毕业证学位证书
 
589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf
 
Russian Call Girls Rohini Sector 7 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
Russian Call Girls Rohini Sector 7 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...Russian Call Girls Rohini Sector 7 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
Russian Call Girls Rohini Sector 7 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
 
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
 
Rohini Sector 25 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 25 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 25 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 25 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptxMunicipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
 
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
 
一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书
 
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
 
COPYRIGHTS - PPT 01.12.2023 part- 2.pptx
COPYRIGHTS - PPT 01.12.2023 part- 2.pptxCOPYRIGHTS - PPT 01.12.2023 part- 2.pptx
COPYRIGHTS - PPT 01.12.2023 part- 2.pptx
 
Introduction to Corruption, definition, types, impact and conclusion
Introduction to Corruption, definition, types, impact and conclusionIntroduction to Corruption, definition, types, impact and conclusion
Introduction to Corruption, definition, types, impact and conclusion
 
Negotiable Instruments Act 1881.UNDERSTAND THE LAW OF 1881
Negotiable Instruments Act 1881.UNDERSTAND THE LAW OF 1881Negotiable Instruments Act 1881.UNDERSTAND THE LAW OF 1881
Negotiable Instruments Act 1881.UNDERSTAND THE LAW OF 1881
 

Data Privacy- Security of Sensitive Personal Information

  • 1. Security of Sensitive Personal Information in Government Basics of Philippine Data Privacy Law for Non-Lawyers
  • 2. Applicability to Government The Data Privacy Law expressly and specifically provides for the applicability of the provisions to Government Agencies. Accordingly, heads of agencies are made primarily responsible for ensuring that their offices are compliant with the security of sensitive personal information that are in their control or custody. Reference: Section 22, R.A. 10173
  • 3. Responsibility: Heads of Agencies All sensitive personal information maintained by the government, its agencies and instrumentalities shall be secured, as far as practicable, with the use of the most appropriate standard recognized by the information and communications technology industry, and as recommended by the Commission. The head of each government agency or instrumentality shall be responsible for complying with the security requirements mentioned herein while the Commission shall monitor the compliance and may recommend the necessary action in order to satisfy the minimum standards. The heads of agencies are made primarily responsible for compliance with the security requirements set by the Data Privacy Law. The NPC has the authority to monitory compliance and recommend to the agency the necessary to action to comply with the minimum standards. Reference: Section 23, R.A. 10173
  • 4. Responsibility: Heads of Agencies (a) On-site and Online Access – Except as may be allowed through guidelines to be issued by the Commission, no employee of the government shall have access to sensitive personal information on government property or through online facilities unless the employee has received a security clearance from the head of the source agency. Sensitive personal information with the Government is required to be maintained as strictly confidential and only for those authorized to access them. Accordingly, security clearance is required before a Government employee may be able to access these sensitive personal information. Reference: Section 23, R.A. 10173
  • 5. Responsibility: Heads of Agencies (b) Off-site Access – Unless otherwise provided in guidelines to be issued by the Commission, sensitive personal information maintained by an agency may not be transported or accessed from a location off government property unless a request for such transportation or access is submitted and approved by the head of the agency in accordance with the following guidelines: (1) Deadline for Approval or Disapproval – In the case of any request submitted to the head of an agency, such head of the agency shall approve or disapprove the request within two (2) business days after the date of submission of the request. In case there is no action by the head of the agency, then such request is considered disapproved; Reference: Section 23, R.A. 10173
  • 6. Responsibility: Heads of Agencies (2) Limitation to One thousand (1,000) Records – If a request is approved, the head of the agency shall limit the access to not more than one thousand (1,000) records at a time; and (3) Encryption – Any technology used to store, transport or access sensitive personal information for purposes of off-site access approved under this subsection shall be secured by the use of the most secure encryption standard recognized by the Commission. Transportation or access off-site of sensitive personal information with the Government requires an approved request by the head of agency. Further, a 1,000 records at a time limitation is imposed. Most secure encryption standard is required of the technology to be used. Reference: Section 23, R.A. 10173
  • 7. Government Contractors In entering into any contract that may involve accessing or requiring sensitive personal information from one thousand (1,000) or more individuals, an agency shall require a contractor and its employees to register their personal information processing system with the Commission in accordance with this Act and to comply with the other provisions of this Act including the immediately preceding section, in the same manner as agencies and government employees comply with such requirements. Government contractors and their employees have to register their Personal Information Processing System with the National Privacy Commission – if their contracts involve accessing or requiring sensitive personal information from 1,000 or more individuals. Reference: Section 24, R.A. 10173
  • 8. Summary 1) Data Privacy Law applies to Government Offices. 2) Heads of Agencies are the ones primarily responsible for compliance. 3) Security clearance is required for Government Employees who are accessing sensitive personal information. 4) A request approved by the Head of the Agency is required prior to transportation or access off-site of sensitive personal information. 5) NPC registration is required for Government Contractors for contracts involving access or requiring senstive personal information from at least 1,000 individuals.
  • 9. Basics of Philippine Data Privacy Law for Non-Lawyers Atty. Jericho B. Del Puerto SME Business Lawyer For inquiries, comment, or permission to use slides, send us an email : info@jdpconsulting.ph. Security of Sensitive Personal Information in Government