Access over 35 million academic & study documents

Data privacy

Content type
User Generated
Rating
Showing Page:
1/3
DATA PRIVACY ACT OF 2012 (RA 10173)
DATA PRIVACY refers to the right
DATA PROTECTION means to implement right
DEFINITION OF TERMS
Consent of Data Subject: any freely given, specific,
informed indication of will, whereby data subject agrees to
collection and processing of personal info relating to him
Data Subject: individual whose personal info is processed
Sensitive Personal Info: personal info about ff:
Individual’s race, ethnic origin, marital status,
age, color, and religious, philosophical or
political affiliations
Individual’s health/education, genetic/sexual life
Issued by govt agencies peculiar to an
individual (ex: SSS #, etc)
Specifically established by exec. order or act of
Congress to be kept classified
Personal Information Controller: person/org. who
controls collection/holding/processing/use of personal info
Privileged Information: any and all forms data which
constitute privileged communication
Personal Information Processor: any natural or juridical
person qualified to act to whom personal info controller
outsources the processing
COVERAGE OF DATA PRIVACY
o To all types of personal info & to any natural or
juridical person involved in pers. info processing
o Affords protection to journalists and sources
EXCEPTIONS TO THE COVERAGE
× Info about any individual who is/was an
officer/employee of govt institution
× Info about an individual who is/was performing
service under contract for a government
institution
× Info relating to any discretionary benefit of a
financial nature
× Personal info for journalistic, literary or research
purposes
× Info necessary in order to carry out functions of
public authority
× Info necessary for banks and other financial
institutions
× Personal info originally collected from residents
of foreign jurisdictions
EXTRATERRITORIAL APPLICATION
The law applies to an act done or practice engaged in and
outside of Philippines by an entity IF:
o Relates to personal info about PH citizen/
resident
o Entity has link with Philippines, such as:
- Contract is entered
- Central mgmt. and control
- Parent/affiliate of PH entity has
access to personal info
o Entity has other links in PH such as:
- Carries on business
- It was collected by a PH entity

Sign up to view the full document!

lock_open Sign Up
Showing Page:
2/3
NATIONAL PRIVACY COMMISSION (NPC)
- independent body which refers to the govt agency
entrusted to administer and implement Data Privacy and
ensure compliance with international standards
ORGANIZATIONAL STRUCTURE OF NPC
COMPOSITION: attached to DICT and headed by Privacy
Commissioner (Chairman) and 2 Deputy Privacy
Commissioners (Policies and Planning; Data Processing
Systems)
APPOINTMENT: the 2 Deputies shall be appointed by
President of Philippines
TERM: 3 yrs & maybe reappointed for another 3 yrs
PROCESSING OF PERSONAL INFORMATION
>> GENERAL DATA PRIVACY PRINCIPLES
- Personal info must be:
o Collected for specified and legit purposes
o Processed fairly and lawfully
o Accurate, relevant and where necessary, kept
up to date; inaccurate or incomplete data must
be rectified
o Adequate and not excessive
o Retained only for as long as necessary
o Kept in form w/c permits identification of data
subject for no longer than necessary
>> CRITERIA FOR LAWFUL PROCESSING
- permitted only if not prohibited by law and when at least
one of the ff. conditions exists:
o Has consent
o Processing is necessary and related to the
fulfillment of a contract
o Processing is necessary for compliance with a
legal obligation
o Processing is necessary to protect vitality
important interests of data subject
o Processing is necessary in order to respond to
national emergency
o Processing is necessary for purposes of legit
interests
>> SENSITIVE PERSONAL & PRIVILEGED INFO
- processing of info shall be prohibited, except:
o Data subject has given his consent
o Processing of such is provided by law
o Processing is necessary to protect life and
health of data subject
o Processing is necessary to achieve lawful &
noncommercial objectives of public org.
o Processing is necessary for purposes of
medical treatment
o Processing is necessary for protection of lawful
rights and interests of natural or legal persons in
court proceedings

Sign up to view the full document!

lock_open Sign Up
Showing Page:
3/3

Sign up to view the full document!

lock_open Sign Up
Unformatted Attachment Preview
DATA PRIVACY ACT OF 2012 (RA 10173) DATA PRIVACY – refers to the right DATA PROTECTION – means to implement right DEFINITION OF TERMS Consent of Data Subject: any freely given, specific, informed indication of will, whereby data subject agrees to collection and processing of personal info relating to him Data Subject: individual whose personal info is processed Sensitive Personal Info: personal info about ff: ✓ Individual’s race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations ✓ Individual’s health/education, genetic/sexual life ✓ Issued by govt agencies peculiar to an individual (ex: SSS #, etc) ✓ Specifically established by exec. order or act of Congress to be kept classified Personal Information Controller: person/org. who controls collection/holding/processing/use of personal info Privileged Information: any and all fo ...
Purchase document to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Anonymous
Excellent! Definitely coming back for more study materials.

Studypool
4.7
Indeed
4.5
Sitejabber
4.4