Data Privacy Act
RA 10173
Orientation
Data and Document Custodians
What is the purpose of the DPA (R.A. 10173)
The DPA compels entities or organizations, including individuals,
engaged in processing personal data to:
ESTABLISH POLICIES &
IMPLEMENT MEASURES AND PROCEDURES
that guarantee the safety and security of personal data under their
control or custody, thereby upholding an individual’s data privacy rights.
Protection against:
• NATURAL DANGERS such as accidental loss or destruction
• HUMAN DANGERS such as unlawful access, fraudulent misuse, unlawful destruction, alteration and contamination.
What is Protected under the DPA?
PERSONAL DATA, which includes personal information, sensitive personal information and privileged information which are in the hands of another natural or juridical person.
Basic Terms used in the DPA
• Data Subject – refers to an individual whose personal,
sensitive personal, or privileged information is processed;
• Processing - refers to any operation or any set of operations
performed upon personal data including, but not limited to, the
collection, recording, organization, storage, updating or modification,
retrieval, consultation, use, consolidation, blocking, erasure or
destruction of data;
• Personal Information Controller (PIC) - refers to a natural or
juridical person, or any other body who controls the processing of
personal data, or instructs another to process personal data on its
behalf. The term excludes:
o a natural or juridical person, or any other body, who performs such functions as instructed by
another person or organization; or
o a natural person who processes personal data in connection with his or her personal, family, or
household affairs;
There is control if the natural or juridical person or any other body
decides on what information is collected, or the purpose or extent of
its processing.
For this purpose, CEU is deemed as a PIC.
• Security Incident - any event or occurrence that affects or tends
to affect data protection, or may compromise the availability,
integrity, and confidentiality of personal data.
It includes incidents that may result in a personal data breach, if not for
safeguards that have been put in place. A data breach is a kind of
security incident. It happens when there is a breach of security
leading to the accidental or unlawful destruction, loss, alteration,
unauthorized disclosure of, or access to, personal data transmitted,
stored, or otherwise processed.
Personal Data refers to:
1. Personal Information
refers to any information, whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual
Example: Full name, address, phone number, email address
2. Sensitive Personal Information
refers to personal information:
• about an individual’s race, ethnic origin, marital status, age, color, and
religious, philosophical or political affiliations;
• about an individual’s health, education, genetic or sexual life of a person, or to
any proceeding for any offense committed or alleged to have been committed
by such person, the disposal of such proceedings, or the sentence of any court
in such proceedings;
• issued by government agencies peculiar to an individual which includes, but
not limited to, social security numbers, previous or current health records,
licenses or its denials, suspension or revocation, and tax returns; and
• specifically established by an executive order or an act of Congress to be kept
classified.
Example: race, marital status, health status, age, birthdate, government issued ID numbers
3. Privileged Personal Information
refers to all forms of data, which, under the Rules of Court and
other pertinent laws, constitute privileged communication
Example: information revealed to a Priest, Doctor or Lawyer which is confidential in nature
SEC. 4. Scope. –
This Act applies to the processing of all types of personal information and to any natural and juridical person
involved in personal information processing including those personal information controllers and processors who,
although not found or established in the Philippines, use equipment that are located in the Philippines, or those
who maintain an office, branch or agency in the Philippines subject to the immediately succeeding paragraph:
Provided, That the requirements of Section 5 are complied with.
This Act does not apply to the following:
• Information about any individual who is or was an officer or employee of a government institution … xxx xxx xxx
• Information about an individual who is or was performing service under contract for a government institution … xxx xxx xxx
• Information relating to any discretionary benefit of a financial nature such as the granting of a license or permit given by the government to an individual … xxx xxx xxx
• Personal information processed for journalistic, artistic, literary or research purposes;
• Information necessary in order to carry out the functions of public authority … xxx xxx xxx
• Information necessary for banks and other financial institutions … xxx xxx xxx
• Personal information originally collected from residents of foreign jurisdictions … xxx xxx xxx
Data Privacy Act: Scope
SEC. 12. Criteria for Lawful Processing of Personal Information. –
The processing of personal information shall be permitted only if not otherwise prohibited by law, and when at least one of the following conditions exists:
(a) The data subject has given his or her consent;
(b) The processing of personal information is necessary and is related to the fulfillment of a contract … xxx xxx xxx
(c) The processing is necessary for compliance with a legal obligation … xxx xxx xxx
(d) The processing is necessary to protect vitally important interests of the data subject, including life and health;
(e) The processing is necessary in order to respond to national emergency, to comply with the requirements of public order and safety, or to fulfill functions of public authority … xxx xxx xxx
(f) The processing is necessary for the purposes of the legitimate interests pursued by the personal information controller … xxx xxx xxx
Data Privacy Act: Lawful Processing of Personal Information
SEC. 13. Sensitive Personal Information and Privileged Information. – The processing of sensitive personal information and privileged information shall be prohibited, except in the following cases:
(a) The data subject has given his or her consent … xxx xxx xxx
(b) The processing of the same is provided for by existing laws and regulations … xxx xxx xxx
(c) The processing is necessary to protect the life and health of the data subject or another person … xxx xxx xxx
(d) The processing is necessary to achieve the lawful and noncommercial objectives of public organizations and their associations … xxx xxx xxx
(e) The processing is necessary for purposes of medical treatment, is carried out by a medical practitioner or a medical treatment institution … xxx xxx xxx
(f) … xxx xxx xxx for the protection of lawful rights and interests of natural or legal persons in court proceedings, or the establishment, exercise or defense of legal claims, or when provided to government or public authority.
Data Privacy Act: Lawful Processing of Sensitive Personal Information and Privileged Information
CONSENT of the Data Subject is the primary means for lawful processing of Personal Data
Consent:
Section 3 (b) Consent of the data subject - refers to any freely given, specific, informed indication of will, whereby the data subject agrees to the collection and processing of personal information about and/or relating to him or her. Consent shall be evidenced by written, electronic or recorded means. It may also be given on behalf of the data subject by an agent specifically authorized by the data subject to do so.
In the absence of a written, electronic or recorded Consent, processing of Personal Data will still be lawful if it falls within the circumstances in the DPA:
Section 12. (b) – (f)
and
Section 13. (b) – (f)
5 Pillars of Compliance
Obligations of the Personal Information Controller (PIC)
1. PROTECT the Personal Data of Data Subjects that the
organization is processing
2. AVOID, PREVENT and MANAGE Data Privacy
Breaches
3. ENSURE COMPLIANCE with the Data Privacy Act and
its Internal Rules and Regulations
1. PROTECT the Personal Data of Data Subjects that the
organization is processing
8 Rules of Data Protection
1. Obtain and process information fairly
2. Keep it only for one or more specified, explicit and lawful purposes
3. Use and disclose it only in ways compatible with these purposes
4. Keep it safe and secure
5. Keep it accurate, complete and up-to-date
6. Ensure that it is adequate, relevant and not excessive
7. Retain it for no longer than is necessary for the purpose or purposes
8. Give a copy of his/her personal data to an individual, on request
Obligations of the PIC
2. AVOID, PREVENT and MANAGE
Data Privacy Breaches
How do Privacy Breaches Occur
• LOST OR STOLEN laptops, removable storage devices (USB, external drives), paper records containing personal information
• FAILURE TO ERASE CONTENT of hard disk drives or other digital storage media when being disposed of or returned to equipment lessors
• HACKING of databases by individuals outside the agency or organization
• UNAUTHORIZED ACCESS BY EMPLOYEES of personal information outside the authorization of their employment
• IMPROPER ACQUISITION of paper records from unsecure recycling or garbage bins
• MISTAKE in providing personal information to the wrong person
• IMPERSONATION by an individual deceiving an agency or organization into
improperly releasing the personal information of another
3. ENSURE COMPLIANCE with the Data Privacy Act and
its Internal Rules and Regulations
How do we comply with the DPA
1. Appoint a Data Privacy Officer (DPO)
2. Conduct Personal Data Inventory
3. Conduct Privacy Impact Assessment
4. Develop a Privacy Notice
5. Create a Privacy Manual
   • General Policy
   • Organizational, Physical and Technical Security Measures
   • Data Breach Protocols
6. Implement the Privacy Management Program embedded in the Privacy Manual
7. Monitor Data Privacy Accountability and Compliance
https://privacy.gov.ph/implementing-privacy-and-data-protection-measures/
What is your role as Document Custodian?
Data and Document Custodian’s Role in DPA
1. Process Personal Data in accordance with:
   1. CEU Policy on Data Processing
   2. Data Privacy Act
2. Prevent Security Incidents and Data Breaches
3. Respect the Rights of the Data Subject
Role No. 1
LAWFUL PROCESSING
1. COLLECT personal data pursuant to legitimate purposes only
2. USE personal data according to the legitimate purposes for which it was collected in accordance with the Principles of Data Privacy
Principles of Data Privacy
Transparency
The Data Subject must be aware of the NATURE, PURPOSE, and EXTENT of processing of his/her personal data, including the:
• Risks and safeguards involved
• Identity of the Personal Information Controller (PIC)
• Rights as a Data Subject and how these rights can be exercised
After the data subject has been duly informed, his/her CONSENT must be secured, stating therein that the data subject agrees to the collection and processing of personal information about and/or relating to him/her.
Legitimate Purpose
The processing of information shall be COMPATIBLE WITH A DECLARED AND SPECIFIED PURPOSE which must not be contrary to law, morals or public policy.
Proportionality
Processing of information shall be ADEQUATE, RELEVANT, SUITABLE, NECESSARY, NOT EXCESSIVE in relation to a declared and specified purpose.
TRANSPARENCY
LEGITIMATE PURPOSE
PROPORTIONALITY
Role No. 2
PREVENT SECURITY AND DATA BREACHES
1. SHARE or DISCLOSE only to those authorized by the organization or if required by law
2. STORE personal data in accordance with security policies
3. DISPOSE securely and in accordance with accepted modes of disposal
Role No. 3
Respect Data Subject Rights Under the DPA
1. The Right to be Informed
The Data Subject has the right to be informed that his/her
personal data shall be, are being or have been
processed.
2. The Right to Access
The Data Subject has the right to gain reasonable
access to his/her personal data.
3. The Right to Correction or Rectification
The Data Subject has the right to dispute any inaccuracy or error in his/her personal data and to have it corrected immediately, provided it is not vexatious or unreasonable.
Images sourced at: https://privacy.gov.ph/know-your-rights/
4. The Right to Erasure or Blocking
The Data Subject has the right to suspend, withdraw or order the blocking,
removal or destruction of his/her personal data upon discovery and
substantial proof of any of the following:
• His/her personal data is incomplete, outdated, false, or unlawfully
obtained;
• It is being used for purposes not authorized;
• The data is no longer necessary for the purposes for which they
were collected;
• The Data Subject decided to withdraw consent, or objected to its
processing, and there is no overriding legal ground for its
processing;
• The data concerns personal information prejudicial to the data
subject – unless justified by freedom of speech, of expression, or
of the press; or otherwise authorized;
• The processing is unlawful; or
• The Personal Information Controller (PIC), or the Personal
Information Processor (PIP), violated the rights of the Data
Subject.
5. The Right to Object
The Data Subject has the right to object to the processing of his/her personal
data, including processing for direct marketing, automated processing or
profiling. In case of changes or amendment to the information declared to the
Data Subject regarding the processing of his/her information, the Data
Subject has the right to be notified and given an opportunity to withhold
consent.
Once exercised, the Personal Information Controller (PIC) will no longer process the
data, unless:
• The personal data is needed pursuant to a subpoena;
• The collection and processing are for obvious purposes, including,
when it is necessary to the performance of or in relation to a contract
or service which the data subject is a party, or when necessary or
desirable in the context of an employer-employee relationship
between the collector and the data subject; or
• The information is being collected and processed as a result of a
legal obligation.
6. The Right to Data Portability
For personal information processed by electronic means, the Data
Subject has the right to obtain a copy of his/her personal data in
electronic format that is commonly used and allows for further use.
7. The Right to Damages
The Data Subject may claim compensation if he/she suffered
damages due to inaccurate, incomplete, outdated, false, unlawfully
obtained or unauthorized use of personal data, constituting a
violation of his/her rights and freedoms as a data subject.
8. The Right to File a Complaint
The Data Subject may file a complaint with the National Privacy Commission if he/she is the subject of a privacy violation or personal data breach, or is otherwise personally affected by a violation of the Data Privacy Act.
Penalties under the DPA
Criminal Act: Imprisonment AND Fine
Section 25:
(a) Unauthorized processing of Personal Information
(b) Unauthorized processing of Sensitive Personal Information
Imposed on persons who process PI/SPI without the consent of the data subject, or without being authorized under this Act or any existing law.
Imprisonment: (a) 1 – 3 years; (b) 3 – 6 years
Fine: (a) P500,000 – P2,000,000; (b) P500,000 – P4,000,000
Section 26:
(a) Accessing Personal Information Due to Negligence
(b) Accessing Sensitive Personal Information Due to Negligence
Imposed on persons who, due to negligence, provided access to PI/SPI without being authorized under this Act or any existing law.
Imprisonment: (a) 1 – 3 years; (b) 3 – 6 years
Fine: (a) P500,000 – P2,000,000; (b) P500,000 – P4,000,000
Section 27:
(a) Improper Disposal of Personal Information
(b) Improper Disposal of Sensitive Personal Information
Imposed upon persons who knowingly or negligently dispose, discard, or abandon the personal information of an individual in an area accessible to the public or has otherwise placed the personal information of an individual in its container for trash collection.
Imprisonment: (a) 6 months – 2 years; (b) 1 – 3 years
Fine: (a) P100,000 – P500,000; (b) P100,000 – P1,000,000
Section 28:
(a) Processing of Personal Information for Unauthorized Purposes
(b) Processing of Sensitive Personal Information for Unauthorized Purposes
Imposed upon persons processing PI/SPI for purposes not authorized by the data subject, or otherwise authorized under this Act or under existing laws.
Imprisonment: (a) 1 year and 6 months – 5 years; (b) 2 – 7 years
Fine: (a) P500,000 – P1,000,000; (b) P500,000 – P2,000,000
Section 29:
Unauthorized Access or Intentional Breach
Imposed upon persons who knowingly and unlawfully, or violating data confidentiality and security data systems, breaks in any way into any system where personal and sensitive personal information is stored.
Imprisonment: 1 – 3 years
Fine: P500,000 – P2,000,000
Section 30:
Concealment of Security Breaches Involving Sensitive Personal Information
Imposed on persons who, after having knowledge of a security breach and of the obligation to notify the Commission pursuant to Section 20(f), intentionally or by omission, conceal the fact of such security breach.
Imprisonment: 1 year and 6 months – five years
Fine: P500,000 – P1,000,000
Section 31:
Malicious Disclosure
Imposed on PICs, PIPs or any of its officials, employees or agents who, with malice or in bad faith, discloses unwarranted or false information relative to any PI/SPI obtained by him or her.
Imprisonment: 1 year and 6 months – 5 years
Fine: P500,000 – P1,000,000
Section 32:
(a) Unauthorized Disclosure of any Personal Information
(b) Unauthorized Disclosure of any Sensitive Personal Information
Imposed on PICs, PIPs or any of its officials, employees or agents who discloses to a third party PI/SPI not covered by the immediately preceding section without the consent of the data subject.
Imprisonment: (a) 1 – 3 years; (b) 3 – 5 years
Fine: (a) P500,000 – P1,000,000; (b) P500,000 – P2,000,000
Section 33:
Combination or Series of Acts
Any combination or series of acts as defined in Sections 25 – 32 shall make the person liable for the increased penalty
Imprisonment: 3 – 6 years
Fine: P1,000,000 – P5,000,000
Section 35:
Large Scale
The maximum penalty in the scale of penalties shall be imposed when the Personal Information of at least One Hundred (100) persons is harmed, affected or involved as the result of the commission of such criminal acts.
CEU Data Privacy Statement
Centro Escolar University is committed to respect and value the privacy rights of individuals.
We will ensure that all personal data are protected and processed in accordance with Republic Act No. 10173 or the Data Privacy Act of 2012 and its Implementing Rules and Regulations.
We recognize the confidentiality of personal data and adhere to the general principles of transparency, legitimate purpose, and proportionality.
Data Privacy Act
RA 10173
Thank you.
To proceed click the link below:
https://goo.gl/forms/7nv7CYUBAJqOzy0i1

NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
 
Personal Data Protection in Malaysia
Personal Data Protection in MalaysiaPersonal Data Protection in Malaysia
Personal Data Protection in Malaysia
 
General Data Protection Regulation or GDPR
General Data Protection Regulation or GDPRGeneral Data Protection Regulation or GDPR
General Data Protection Regulation or GDPR
 
2019 Bar Notes On Data Privacy Act Data Privacy Act Of 2012
2019 Bar Notes On Data Privacy Act Data Privacy Act Of 20122019 Bar Notes On Data Privacy Act Data Privacy Act Of 2012
2019 Bar Notes On Data Privacy Act Data Privacy Act Of 2012
 
Hexagon presentation light.pptx
Hexagon presentation light.pptxHexagon presentation light.pptx
Hexagon presentation light.pptx
 
Popi act presentation
Popi act presentationPopi act presentation
Popi act presentation
 
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...
 
All_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfAll_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdf
 
Data Privacy Act.pdf
Data Privacy Act.pdfData Privacy Act.pdf
Data Privacy Act.pdf
 
China-PIPL.pdf
China-PIPL.pdfChina-PIPL.pdf
China-PIPL.pdf
 
Lorson Resources Limited - Records & Information Presentation: Data Protectio...
Lorson Resources Limited - Records & Information Presentation: Data Protectio...Lorson Resources Limited - Records & Information Presentation: Data Protectio...
Lorson Resources Limited - Records & Information Presentation: Data Protectio...
 
Personal Data and Information Classification under Data Privacy Act of the Ph...
Personal Data and Information Classification under Data Privacy Act of the Ph...Personal Data and Information Classification under Data Privacy Act of the Ph...
Personal Data and Information Classification under Data Privacy Act of the Ph...
 
Foia DP Presentation
Foia DP PresentationFoia DP Presentation
Foia DP Presentation
 
Freedom of Information and Data Protection
Freedom of Information and Data ProtectionFreedom of Information and Data Protection
Freedom of Information and Data Protection
 
PERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptxPERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptx
 
Cyber Security from MN Government perspective
Cyber Security from MN Government perspectiveCyber Security from MN Government perspective
Cyber Security from MN Government perspective
 
The Protection of Personal Information Act 4 of 2013
The Protection of Personal Information Act 4 of 2013The Protection of Personal Information Act 4 of 2013
The Protection of Personal Information Act 4 of 2013
 

Recently uploaded

Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationActivity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationRosabel UA
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)lakshayb543
 
Integumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.pptIntegumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.pptshraddhaparab530
 
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfActive Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfPatidar M
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxlancelewisportillo
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxHumphrey A BeĂąa
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSJoshuaGantuangco2
 
ICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfVanessa Camilleri
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management SystemChristalin Nelson
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfTechSoup
 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...SeĂĄn Kennedy
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4MiaBumagat1
 
TEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docxTEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docxruthvilladarez
 
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptxmary850239
 
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...JojoEDelaCruz
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Celine George
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptxmary850239
 
Oppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmOppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmStan Meyer
 

Recently uploaded (20)

Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationActivity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translation
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
 
Integumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.pptIntegumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.ppt
 
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfActive Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdf
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
 
INCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptx
INCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptxINCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptx
INCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptx
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
 
ICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdf
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management System
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 
TEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docxTEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docx
 
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx
 
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
 
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptxLEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
 
Oppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmOppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and Film
 

CEU DPA

  • 1. Data Privacy Act, RA 10173. Orientation: Data and Document Custodians
  • 2. What is the purpose of the DPA (R.A. 10173)? The DPA compels entities or organizations, including individuals, engaged in processing personal data to: ESTABLISH POLICIES & IMPLEMENT MEASURES AND PROCEDURES that guarantee the safety and security of personal data under their control or custody, thereby upholding an individual’s data privacy rights. Protection against: • NATURAL DANGERS such as accidental loss or destruction • HUMAN DANGERS such as unlawful access, fraudulent misuse, unlawful destruction, alteration and contamination.
  • 3. What is Protected under the DPA? PERSONAL DATA, which includes personal information, sensitive personal information and privileged information which are in the hands of another natural or juridical person.
  • 4. Basic Terms used in the DPA • Data Subject – refers to an individual whose personal, sensitive personal, or privileged information is processed; • Processing – refers to any operation or any set of operations performed upon personal data including, but not limited to, the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction of data;
  • 5. Basic Terms used in the DPA • Personal Information Controller (PIC) – refers to a natural or juridical person, or any other body who controls the processing of personal data, or instructs another to process personal data on its behalf. The term excludes: o a natural or juridical person, or any other body, who performs such functions as instructed by another person or organization; or o a natural person who processes personal data in connection with his or her personal, family, or household affairs. There is control if the natural or juridical person or any other body decides on what information is collected, or the purpose or extent of its processing. For this purpose, CEU is deemed as a PIC.
  • 6. Basic Terms used in the DPA • Security Incident – any event or occurrence that affects or tends to affect data protection, or may compromise the availability, integrity, and confidentiality of personal data. It includes incidents that may result in a personal data breach, if not for safeguards that have been put in place. A data breach is a kind of security incident. It happens when there is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed.
  • 7. Basic Terms used in the DPA. Personal Data refers to: 1. Personal Information – refers to any information, whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual. Example: full name, address, phone number, email address
  • 8. Basic Terms used in the DPA. 2. Sensitive Personal Information – refers to personal information: • about an individual’s race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations; • about an individual’s health, education, genetic or sexual life of a person, or to any proceeding for any offense committed or alleged to have been committed by such person, the disposal of such proceedings, or the sentence of any court in such proceedings; • issued by government agencies peculiar to an individual which includes, but not limited to, social security numbers, previous or current health records, licenses or its denials, suspension or revocation, and tax returns; and • specifically established by an executive order or an act of Congress to be kept classified. Example: race, marital status, health status, age, birthdate, government issued ID numbers
  • 9. Basic Terms used in the DPA. 3. Privileged Personal Information – refers to all forms of data which, under the Rules of Court and other pertinent laws, constitute privileged communication. Example: information revealed to a Priest, Doctor or Lawyer which are confidential in nature
  • 10. Data Privacy Act: Scope. SEC. 4. Scope. – This Act applies to the processing of all types of personal information and to any natural and juridical person involved in personal information processing including those personal information controllers and processors who, although not found or established in the Philippines, use equipment that are located in the Philippines, or those who maintain an office, branch or agency in the Philippines subject to the immediately succeeding paragraph: Provided, That the requirements of Section 5 are complied with. This Act does not apply to the following: • Information about any individual who is or was an officer or employee of a government institution … xxx xxx xxx • Information about an individual who is or was performing service under contract for a government institution … xxx xxx xxx • Information relating to any discretionary benefit of a financial nature such as the granting of a license or permit given by the government to an individual … xxx xxx xxx • Personal information processed for journalistic, artistic, literary or research purposes; • Information necessary in order to carry out the functions of public authority … xxx xxx xxx • Information necessary for banks and other financial institutions … xxx xxx xxx • Personal information originally collected from residents of foreign jurisdictions … xxx xxx xxx
  • 11. Data Privacy Act: Lawful Processing of Personal Information. SEC. 12. Criteria for Lawful Processing of Personal Information. – The processing of personal information shall be permitted only if not otherwise prohibited by law, and when at least one of the following conditions exists: (a) The data subject has given his or her consent; (b) The processing of personal information is necessary and is related to the fulfillment of a contract … xxx xxx xxx (c) The processing is necessary for compliance with a legal obligation … xxx xxx xxx (d) The processing is necessary to protect vitally important interests of the data subject, including life and health; (e) The processing is necessary in order to respond to national emergency, to comply with the requirements of public order and safety, or to fulfill functions of public authority … xxx xxx xxx (f) The processing is necessary for the purposes of the legitimate interests pursued by the personal information controller … xxx xxx xxx
  • 12. Data Privacy Act: Lawful Processing of Sensitive Personal Information and Privileged Information. SEC. 13. Sensitive Personal Information and Privileged Information. – The processing of sensitive personal information and privileged information shall be prohibited, except in the following cases: (a) The data subject has given his or her consent … xxx xxx xxx (b) The processing of the same is provided for by existing laws and regulations … xxx xxx xxx (c) The processing is necessary to protect the life and health of the data subject or another person … xxx xxx xxx (d) The processing is necessary to achieve the lawful and noncommercial objectives of public organizations and their associations … xxx xxx xxx (e) The processing is necessary for purposes of medical treatment, is carried out by a medical practitioner or a medical treatment institution … xxx xxx xxx (f) … xxx xxx xxx for the protection of lawful rights and interests of natural or legal persons in court proceedings, or the establishment, exercise or defense of legal claims, or when provided to government or public authority.
  • 13. CONSENT of the Data Subject is the primary means for lawful processing of Personal Data. Consent: Section 3 (b) Consent of the data subject - refers to any freely given, specific, informed indication of will, whereby the data subject agrees to the collection and processing of personal information about and/or relating to him or her. Consent shall be evidenced by written, electronic or recorded means. It may also be given on behalf of the data subject by an agent specifically authorized by the data subject to do so.
  • 14. In the absence of a written, electronic or recorded Consent, processing of Personal Data will still be lawful if it falls within the circumstances in the DPA: Section 12. (b) – (f) and Section 13. (b) – (f)
  • 17. 5 Pillars of Compliance
  • 18. Obligations of the Personal Information Controller (PIC) 1. PROTECT the Personal Data of Data Subjects that the organization is processing 2. AVOID, PREVENT and MANAGE Data Privacy Breaches 3. ENSURE COMPLIANCE with the Data Privacy Act and its Internal Rules and Regulations
  • 19. Obligations of the PIC. 1. PROTECT the Personal Data of Data Subjects that the organization is processing. 8 Rules of Data Protection: 1. Obtain and process information fairly 2. Keep it only for one or more specified, explicit and lawful purposes 3. Use and disclose it only in ways compatible with these purposes 4. Keep it safe and secure 5. Keep it accurate, complete and up-to-date 6. Ensure that it is adequate, relevant and not excessive 7. Retain it for no longer than is necessary for the purpose or purposes 8. Give a copy of his/her personal data to an individual, on request
  • 20. Obligations of the PIC. 2. AVOID, PREVENT and MANAGE Data Privacy Breaches. How do Privacy Breaches Occur: • LOST OR STOLEN laptops, removable storage devices (USB, external drives), paper records containing personal information • FAILURE TO ERASE CONTENT of hard disk drives or other digital storage media when being disposed of or returned to equipment lessors • HACKING of databases by individuals outside the agency or organization • UNAUTHORIZED ACCESS BY EMPLOYEES of personal information outside the authorization of their employment • IMPROPER ACQUISITION of paper records from unsecure recycling or garbage bins • MISTAKE in providing personal information to the wrong person • IMPERSONATION by an individual deceiving an agency or organization into improperly releasing the personal information of another
  • 21. Obligations of the PIC. 3. ENSURE COMPLIANCE with the Data Privacy Act and its Internal Rules and Regulations. How do we comply with the DPA: 1. Appoint a Data Privacy Officer (DPO) 2. Conduct Personal Data Inventory 3. Conduct Privacy Impact Assessment 4. Develop a Privacy Notice 5. Create a Privacy Manual • General Policy • Organizational, Physical and Technical Security Measures • Data Breach Protocols 6. Implement the Privacy Management Program embedded in the Privacy Manual 7. Monitor Data Privacy Accountability and Compliance https://privacy.gov.ph/implementing-privacy-and-data-protection-measures/
  • 22. What is your role as Document Custodian?
  • 23. Data and Document Custodian’s Role in DPA 1. Process Personal Data in accordance with: (a) CEU Policy on Data Processing (b) Data Privacy Act 2. Prevent Security Incidents and Data Breaches 3. Respect the Rights of the Data Subject
  • 24. Role No. 1: LAWFUL PROCESSING 1. COLLECT personal data pursuant to legitimate purposes only 2. USE personal data according to the legitimate purposes for which it was collected in accordance with the Principles of Data Privacy
  • 25. Principles of Data Privacy: Transparency. The Data Subject must be aware of the NATURE, PURPOSE, and EXTENT of processing of his/her personal data, including the: • Risks and safeguards involved • Identity of the Personal Information Controller (PIC) • Rights as a Data Subject and how these rights can be exercised. After the data subject has been duly informed, his/her CONSENT must be secured, stating therein that the data subject agrees to the collection and processing of personal information about and/or relating to him/her.
  • 26. Principles of Data Privacy: Legitimate Purpose. The processing of information shall be COMPATIBLE WITH A DECLARED AND SPECIFIED PURPOSE which must not be contrary to law, morals or public policy.
  • 27. Principles of Data Privacy: Proportionality. Processing of information shall be ADEQUATE, RELEVANT, SUITABLE, NECESSARY, NOT EXCESSIVE in relation to a declared and specified purpose.
  • 29. Role No. 2: PREVENT SECURITY AND DATA BREACHES 1. SHARE or DISCLOSE only to those authorized by the organization or if required by law 2. STORE personal data in accordance with security policies 3. DISPOSE securely and in accordance with accepted modes of disposal
  • 30. Role No. 3: Respect Data Subject Rights Under the DPA 1. The Right to be Informed: The Data Subject has the right to be informed that his/her personal data shall be, are being or have been processed. 2. The Right to Access: The Data Subject has the right to gain reasonable access to his/her personal data. 3. The Right to Correction or Rectification: The Data Subject has the right to dispute any inaccuracy or error in his/her personal data and to have it corrected immediately, provided it is not vexatious or unreasonable. Images sourced at: https://privacy.gov.ph/know-your-rights/
  • 31. Data Subject Rights Under the DPA. 4. The Right to Erasure or Blocking: The Data Subject has the right to suspend, withdraw or order the blocking, removal or destruction of his/her personal data upon discovery and substantial proof of any of the following: • His/her personal data is incomplete, outdated, false, or unlawfully obtained; • It is being used for purposes not authorized; • The data is no longer necessary for the purposes for which they were collected; • The Data Subject decided to withdraw consent, or objected to its processing, and there is no overriding legal ground for its processing; • The data concerns personal information prejudicial to the data subject – unless justified by freedom of speech, of expression, or of the press; or otherwise authorized; • The processing is unlawful; or • The Personal Information Controller (PIC), or the Personal Information Processor (PIP), violated the rights of the Data Subject. Images sourced at: https://privacy.gov.ph/know-your-rights/
  • 32. Data Subject Rights Under the DPA. 5. The Right to Object: The Data Subject has the right to object to the processing of his/her personal data, including processing for direct marketing, automated processing or profiling. In case of changes or amendment to the information declared to the Data Subject regarding the processing of his/her information, the Data Subject has the right to be notified and given an opportunity to withhold consent. Once exercised, the Personal Data Controller (PIC) will no longer process the data, unless: • The personal data is needed pursuant to a subpoena; • The collection and processing are for obvious purposes, including when it is necessary to the performance of or in relation to a contract or service to which the data subject is a party, or when necessary or desirable in the context of an employer-employee relationship between the collector and the data subject; or • The information is being collected and processed as a result of a legal obligation. Images sourced at: https://privacy.gov.ph/know-your-rights/
  • 33. Data Subject Rights Under the DPA. 6. The Right to Data Portability: For personal information processed by electronic means, the Data Subject has the right to obtain a copy of his/her personal data in an electronic format that is commonly used and allows for further use. 7. The Right to Damages: The Data Subject may claim compensation if he/she suffered damages due to inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of personal data, constituting a violation of his/her rights and freedoms as a data subject. 8. The Right to File a Complaint: The Data Subject may file a complaint with the National Privacy Commission if he/she is the subject of a privacy violation or personal data breach, or is otherwise personally affected by a violation of the Data Privacy Act. Images sourced at: https://privacy.gov.ph/know-your-rights/
  • 34. Penalties under the DPA (Criminal Act: Imprisonment AND Fine)
    Section 25: (a) Unauthorized processing of Personal Information; (b) Unauthorized processing of Sensitive Personal Information. Imposed on persons who process PI/SPI without the consent of the data subject, or without being authorized under this Act or any existing law. Imprisonment: (a) 1 – 3 years; (b) 3 – 6 years. Fine: (a) P500,000 – P2,000,000; (b) P500,000 – P4,000,000.
    Section 26: (a) Accessing Personal Information Due to Negligence; (b) Accessing Sensitive Personal Information Due to Negligence. Imposed on persons who, due to negligence, provided access to PI/SPI without being authorized under this Act or any existing law. Imprisonment: (a) 1 – 3 years; (b) 3 – 6 years. Fine: (a) P500,000 – P2,000,000; (b) P500,000 – P4,000,000.
  • 35. Penalties under the DPA
    Criminal acts and their penalties (imprisonment AND fine):
    Section 27: (a) Improper Disposal of Personal Information; (b) Improper Disposal of Sensitive Personal Information
      Imposed upon persons who knowingly or negligently dispose, discard, or abandon the personal information of an individual in an area accessible to the public or has otherwise placed the personal information of an individual in its container for trash collection.
      Imprisonment: (a) 6 months – 2 years; (b) 1 – 3 years
      Fine: (a) P100,000 – P500,000; (b) P100,000 – P1,000,000
    Section 28: (a) Processing of Personal Information for Unauthorized Purposes; (b) Processing of Sensitive Personal Information for Unauthorized Purposes
      Imposed upon persons processing PI/SPI for purposes not authorized by the data subject, or otherwise authorized under this Act or under existing laws.
      Imprisonment: (a) 1 year and 6 months – 5 years; (b) 2 – 7 years
      Fine: (a) P500,000 – P1,000,000; (b) P500,000 – P2,000,000
  • 36. Penalties under the DPA
    Criminal acts and their penalties (imprisonment AND fine):
    Section 29: Unauthorized Access or Intentional Breach
      Imposed upon persons who knowingly and unlawfully, or violating data confidentiality and security data systems, breaks in any way into any system where personal and sensitive personal information is stored.
      Imprisonment: 1 – 3 years
      Fine: P500,000 – P2,000,000
    Section 30: Concealment of Security Breaches Involving Sensitive Personal Information
      Imposed on persons who, after having knowledge of a security breach and of the obligation to notify the Commission pursuant to Section 20(f), intentionally or by omission, conceal the fact of such security breach.
      Imprisonment: 1 year and 6 months – five years
      Fine: P500,000 – P1,000,000
  • 37. Penalties under the DPA
    Criminal acts and their penalties (imprisonment AND fine):
    Section 31: Malicious Disclosure
      Imposed on PICs, PIPs or any of their officials, employees or agents who, with malice or in bad faith, disclose unwarranted or false information relative to any PI/SPI obtained by him or her.
      Imprisonment: 1 year and 6 months – 5 years
      Fine: P500,000 – P1,000,000
    Section 32: (a) Unauthorized Disclosure of any Personal Information; (b) Unauthorized Disclosure of any Sensitive Personal Information
      Imposed on PICs, PIPs or any of their officials, employees or agents who disclose to a third party PI/SPI not covered by the immediately preceding section without the consent of the data subject.
      Imprisonment: (a) 1 – 3 years; (b) 3 – 5 years
      Fine: (a) P500,000 – P1,000,000; (b) P500,000 – P2,000,000
  • 38. Penalties under the DPA
    Criminal acts and their penalties (imprisonment AND fine):
    Section 33: Combination or Series of Acts
      Any combination or series of acts as defined in Sections 25 – 32 shall make the person liable for the increased penalty.
      Imprisonment: 3 – 6 years
      Fine: P1,000,000 – P5,000,000
    Section 35: Large Scale
      The maximum penalty in the scale of penalties shall be imposed when the Personal Information of at least One Hundred (100) persons is harmed, affected or involved as the result of the commission of such criminal acts.
  • 40. CEU Data Privacy Statement
    Centro Escolar University is committed to respect and value the privacy rights of individuals.
    We will ensure that all personal data are protected and processed in accordance with Republic Act No. 10173 or the Data Privacy Act of 2012 and its Implementing Rules and Regulations.
    We recognize the confidentiality of personal data and adhere to the general principles of transparency, legitimate purpose, and proportionality.
  • 41. Data Privacy Act RA 10173
    Thank you.
    To proceed click the link below: https://goo.gl/forms/7nv7CYUBAJqOzy0i1