Philippine Data Privacy Act 2012

Questions and Answers

What is the purpose of the Data Privacy Act of 2012 in the Philippines?

To protect the fundamental human right of privacy and ensure free flow of information

Who is required to register with the National Privacy Commission under the Data Privacy Act of 2012?

Companies with at least 250 employees or access to personal and identifiable information of at least 1,000 people

How should personal data be handled under the Data Privacy Act of 2012?

It should never be collected, processed, and stored without explicit consent, unless provided by law

What is the role of information controllers under the Data Privacy Act of 2012?

To notify individuals if their data have been compromised

Who are considered as personal information controllers (PICs) under R.A. 10173?

Organizations responsible for the control and processing of personal information

Under the Data Privacy Act of 2012, which entities are required to register with the National Privacy Commission?

Companies with at least 250 employees or access to the personal and identifiable information of at least 1,000 people

What is the primary purpose of the Data Privacy Act of 2012 in the Philippines?

To protect the fundamental human right of privacy and ensure free flow of information

What is the requirement for organizations in terms of collecting, processing, and storing personal data under R.A. 10173?

Explicit consent from individuals, unless otherwise provided by law

Who are considered as personal information controllers (PICs) under R.A. 10173?

Information controllers who handle personal data

What does R.A. 10173 require from personal information controllers (PICs) in case of data compromise?

Notify individuals if their data have been compromised, on time

Under the Data Privacy Act of 2012, which entities are required to register with the National Privacy Commission?

Companies with at least 250 employees or access to personal and identifiable information of at least 1,000 people

What is the primary purpose of the Data Privacy Act of 2012 in the Philippines?

To protect the fundamental human right of privacy and ensure free flow of information for innovation and growth

What is the role of information controllers under the Data Privacy Act of 2012?

To notify individuals if their data have been compromised

What does R.A. 10173 require from personal information controllers (PICs) in case of data compromise?

To notify individuals if their data have been compromised, on time

How should personal data be handled under the Data Privacy Act of 2012?

It should never be collected, processed, and stored by any organization without explicit consent, unless otherwise provided by law