image by Cagayan de Oro ICT Business Council

The Cagayan de Oro ICT Business Council is inviting all stakeholders for a one-day workshop on Data Privacy Compliance on August 31, 2017 at Philtown Hotel. Speaker will be no less than National Privacy Commissioner Damian Domingo O. Mapa.

The workshop is vital as the deadline for the compliance of all those businesses capturing data has been set by the National Privacy Commission (NPC) on September 9, 2017.

The sectors identified are as follows:

  1. Government branches, bodies or entities, including national government agencies, bureaus or offices, constitutional commissions, local government units, and government-owned and controlled corporations (GOCCs);
  2. Banks and non-bank financial institutions, including pawnshops, non-stock savings and loan associations (NSSLAS);
  3. Telecommunications networks, internet service providers and other entities or organizations providing similar services;
  4. Business process outsourcing companies;
  5. Universities, colleges and other institutions of higher learning, all other schools and training institutions;
  6. Hospitals including primary care facilities, multi-specialty clinics, custodial care facilities, diagnostic or therapeutic facilities, specialized out-patient facilities and other organizations processing genetic data;
  7. Providers of insurance undertakings, including life and non-life companies, pre-need companies and insurance brokers;
  8. Business involved mainly in direct marketing, networking, and companies providing reward cards and loyalty programs;
  9. Pharmaceutical companies engaged in research; and
  10. Personal information processors (PIPs) processing personal data for a personal information controller (PIC) included in the preceding items, and data processing systems involving automated decision-making


The NPC recommends 5 data privacy guidelines to build your organization’s capacity to comply with the Republic Act No. 10173, also known as Data Privacy Act of 2012: 

  1. Appoint a Data Protection Officer (DPO)
  2. Conduct a Privacy Impact Assessment (PIA)
  3. Create your Privacy Management Program (PMP)
  4. Implement your privacy and data protection (PDP) measures
  5. Regularly exercise your Breach Reporting Procedures (BRP)

Non-compliance to the Data Privacy Act can lead to the following consequences:

  • Being issued an order to stop processing
  • Being ordered to pay damages to data subjects whose rights were violated
  • Jail time for accountable officers

For registration, just visit HERE.

Read related article HERE.

Facebook Comments