Beruflich Dokumente
Kultur Dokumente
Republic Act 10173 or The Data Privacy Act of 2012 was approved into law last August
15, 2012. Here are its salient features:
Companies with at least 250 employees or access to the personal and identifiable
information of at least 1,000 people are required to register with the National Privacy
Commission and comply with the Data Privacy Act of 2012. Some of these companies
are already on their way to compliance — but many more are unaware that they are
even affected by the law.
HOW TO COMPLY:
Except for items (a) to (c), a COP shall perform all other functions of a DPO. Where
appropriate, he or she shall also assist the supervising DPO in the performance of the
latter’s functions.
You must have due regard for the risks associated with the processing operations of the
PIC or PIP, considering the nature, scope, context and purposes of processing.
Accordingly, he or she must prioritize his or her activities and focus his or her efforts on
issues that present higher data protection risks.
SECOND STEP: CONDUCTING PRIVACY IMPACT ASSESSMENT
2. Must create a Privacy Notice. A privacy notice aims to empower the public. It is
meant to tell individuals what, how and why personal data is being collected
from them. As such, privacy notices should be highly readable to be usable and
effective.