Data Privacy Act: Man VS Internet
A year ago, Philippine Commission on Elections, better known as COMELEC went through a crisis when their system was hacked by a famous hacker group. Their database containing private information of 55 million registered voters was leaked as well as some of the candidate’s number of votes. This case was known as the biggest private leak data in the Philippine history.
Through this case alone, it is evident that the internet has become a gateway for all kinds of information. Although the free flow of data promotes innovation and growth, it is important to take note that all personal information, whether it’s from the government or private sector, should be secured and protected.
If personal information of a subject has been misused or breached, penalties may occur – we’re talking about jail time of up to 7 years and fines up to 5 million.
This is where the Republic Act 10173 – Data Privacy Act of 2012 plays a role.
Last June 6th, Tuesday, at Dusit Thani, employees from the HR division took time off from work to attend Data Privacy Act: HR Accountabilities and Liabilities. The Archive One team together with GlobalSign and Utimaco, sponsored this event targeted particularly at HR personnel.
The aim of the event was to educate them about their work as HR teams are generally the first touch point within an organization. Handling and processing personal and confidential information comes with their job.
It was an honor to have Mr Dondi Mapa talk about the responsibilities of working in a HR department. His talk focused on the when, where, how, what, and who of compliance. Dondi Mapa is the Deputy Privacy Commissioner from the National Privacy Commission – a regulatory agency that manages and implements the Data Privacy Act of 2012. They monitor and ensure compliance of the country with international standards set for data protection.
Sales Team from GlobalSign, Utimaco, and Paperless Trail Inc with Mr Dondi Mapa
Moreover, each company took this opportunity to discuss their business solutions which features maximum protection and security that will help in compliance with the DPA.
Louie Delos Trico, Technical Support Manager from GlobalSign, discussed AATL Digital Signatures. Teo Poh Soon, Sales Development from Utimaco, a partner of GlobalSign, shared about hardware security modules for data protection. Finally, Jay Edades, Business Development Director from Paperless Trail Inc., talked about Archive One and its offering solutions that are in line with the law of data privacy.
Archive One (AO) is a document management system that protects Personally Identifiable Information (PII) and automates the production of compliance reports related to employee record keeping.
Security features of AO include:
- Data Privacy Officer (DPO)/HR designs access rights
- Auto-expiring access passes
- Documents are stored inside the database, not shared drives
- Audit logs
- Breaches can be detected and logged
- Limits the need for uncontrolled paper copies
To know more about the Republic Act 10173 – Data Privacy Act of 2012, visit National Privacy Commission's website here.