NPC: Data security now a priority for businesses

CEBU, Philippines — The National Privacy Commission (NPC) sees more companies in the Philippines to register with the commission, as data privacy awareness has become a top priority among businesses.

“Protecting data privacy generally gained a priority status in companies' operational agenda, with some even beginning to demonstrate a rather mature level of compliance,” said NPC Commissioner Raymund Enriquez Liboro.

Liboro reported that as of last week, 22,816 Data Protection Officers (DPOs) have registered with the NPC.

Meantime, 2,939 personal information controllers (PICs) and personal information processors have finished registering their organization's data processing systems (DPS).

The NPC has also received a total of 1,736 Annual Security Incident Report submissions.

Citizen awareness has also increased. From receiving an average of five inquiries per month in 2017, “we now get around 1,080 inquiries monthly.”

Since 2017, NPC processed a total of 657 complaint-related inquiries, breach notifications, and formal complaints, majority of which were from 2018. This includes concerns brought before the Commission; Commission- initiated investigations; and formal complaints. Of the total number, NPC resolved 443 cases as of today, reported Liboro.

“This is how much data privacy has advanced in the country in such a short span of time. While there is much work that needs to be done, we are confident that the entire data privacy community is moving in the right direction,” added Liboro.

Pursuant to Republic Act 10173 otherwise known as the Data Privacy Act, companies are urged to comply this new privacy law and establish a separate department to take care of clients, employees' sensitive and personal information.

The surge of cyberattacks and data breaches, and cybercrime can be prevented if personal information shared by people in banks, hospitals, schools, in companies, among others are being property protected.

NPC is the country’s data privacy and data protection watchdog mandated to uphold the right to data privacy and ensure the free flow of information to promote economic growth and innovation.

Companies with at least 250 employees are required to register with NPC, while those that employ below 250 need not to register with NPC, but they are still required to comply with the law.

Businesses such as schools or academic institutions, hospitals and healthcare firms, and industries that deal heavily with data must need to set-up a separate department, which main and only task is to ensure that the organization’s data is well protected.

Under the law, companies are required to appoint personal information controllers (PIC) and processors, conduct privacy impact assessment, create their own privacy management program, implement privacy and data protection measures and regularly exercise breach reporting procedures.

NPC supports the upcoming “Data Privacy Asia Manila 2018,” set on September 19-20 at the Makati Shangri-La.

Presented by the Contact Center Association of the Philippines (CCAP), this year's two-day conference aims at elevating the data privacy awareness across industries. (FREEMAN)