PGLU Participates in Data Privacy Awareness and Compliance Workshop

By:  Jamie Rose N. Mifa, GPC-ICTD |  By: Terry John Y. Apigo, OPG-ICTD  |  Date: July 06, 2018

PGLU employees and other participants listen intently to Atty. Karl John A. Baquiran who talks about the need for expertise in relevant privacy or data protection policies and practices during the Data Privacy Awareness and Compliance Workshop at the 49th Floor Roof Deck, One San Miguel Bldg., Pasig City on June 27 to 29, 2018.

11 participants from the Provincial Government of La Union (PGLU) attended the Data Privacy Awareness and Compliance Workshop at 49th Floor Roof Deck, One San Miguel Bldg., Pasig City on June 27 to 29, 2018. The PGLU joined the workshop to reinforce its compliance with the data privacy policy and to mitigate operational risks.

The Yisrael Solutions and Consulting (YiSCon) Inc. conducted the said training where almost 50 participants from the public and private sectors attended. There were three participants from Information and Communications Technology Division (ICTD), one from Human Resource Management Division (HRMD) and seven from La Union Medical Center (LUMC).

In said training, Section 2 of Republic Act (RA) No. 10173, also known as the Data Privacy Act of 2012(DPA), was emphasized. It was discussed that it is the policy of the State to protect the fundamental human right of privacy of communication while ensuring free flow of information to promote innovation and growth and to ensure that personal information and communication systems in the government and in the private sector are secured and protected. Thus, all institutions from the Government and Private sector processing personal data in the Philippines are required to comply with RA 10173 as well as its Implementing Rules and Regulations issued by the National Privacy Commission.

There are different types of information an institution can come across in its day to day operations, those include personal, sensitive and privileged information. In line with this, five pillars of Data Privacy Compliance must be institutionalized as follows: appointment of a Data Protection Officer; conduct of a Privacy Impact Assessment; creation of a Privacy Management Program; implementation of Privacy and Data Protection; and preparation of Breach Management Procedures in the organization.

Also, characteristics of a Data Protection Officer (DPO) were iterated. DPOs should have expertise in relevant privacy or data protection policies and practices.

The PGLU, under the leadership of Gov. Francisco Emmanuel “Pacoy” R. Ortega III, will comply with RA 10173 to ensure the proper flow of information that will promote innovation and growth while protecting the fundamental rights to privacy. It shall institutionalize the five pillars in Data Privacy Compliance to ensure information security management in compliance with international standards. Strict and adept compliance to the act can safeguard information in the organization that can be used for better decision making in delivery of services as well as risk management analysis to all processes.