Compliance Framework
Ivy D. Patdu, MD JD
National Privacy Commission
Right to privacy
the right to be let alone -
Photo available at http://pcoo.gov.ph/photo14-112416/ (last accessed Feb. 22, 2017).
Available at http://bayanihannews.com.au/2015/04/20/dswd-training-of-field-staff-for-listahanan-ongoing/ (last accessed June 14, 2017)
with your personal data?
RIGHT TO INFORMATION PRIVACY
The individual's ability to control the flow of information concerning or describing him, which
Security Measures
Uphold Rights of Data Subject
DATA PRIVACY PRINCIPLES
TRANSPARENCY
LEGITIMATE PURPOSE
PROPORTIONALITY
SECURITY MEASURES
Rights of Data Subjects
1. Right to Information
2. Right to Object
Compliance Framework
1. Governance
2. Risk Assessment
3. Organization
4. Day to Day
5. Data Security
DPO
2. Risk Assessment
What do I process and how?
- Conduct Privacy
4. Day to Day
- Have Privacy Notices
Rights
- Policies for every stage of Data Life Cycle
5. Data Security
- Implement Organizational, Physical and Technical Security Measures
6. Breaches
- Have in place
Management Program
Tyler Durden, "Worst-Ever Recorded" Ransomware Attack Strikes Over 57,000 Users Worldwide, Using NSA-Leaked Tools, ZeroHedge, 12 May 2017, available at http://www.zerohedge.com/news/2017-05-12/massive-ransomware-attack-goes-global-huge (last accessed May 14, 2017).
- Security Policy
- Breach Response Team
- Incident Response Procedure
- Notification Document and Reporting
7. Third Parties
- Manage Third
Picture from Surabhi Agarwal, BPOs edge towards high-end work in changing market, Live Mint, Sep. 6, 2012, available at http://www.livemint.com/Industry/hdDwofLyBZc0XQI0bb70hO/BPOs-edge-towards-highend-work-in-changing-market.html (last accessed May 15, 2017)
8. Manage HR
- Undergo
Certifications
- Give Security Clearance
Accreditations
10. Privacy Ecosystem
- Be updated on New technologies and standard,
16-01 SECURITY OF PERSONAL DATA IN GOVERNMENT AGENCIES
16-02 DATA SHARING AGREEMENTS INVOLVING GOVERNMENT AGENCIES
16-03 PERSONAL DATA BREACH MANAGEMENT
16-04 RULES OF PROCEDURE OF THE NATIONAL PRIVACY COMMISSION
| Offense | Description | Imprisonment | Fine |
| --- | --- | --- | --- |
| Processing of Personal/Sensitive Information for Unauthorized Purpose | Processing information for other purposes which are no longer authorized by law or consent | 1yr 6mos to 7 years | Php500,000 to Php2,000,000 |
| Access to Personal/Sensitive Information due to Negligence | Persons who provide access due to negligence shall be liable | 1-6 years | Php500,000 to Php4,000,000 |
| Concealment of Security Breach | Duty to notify Privacy Commission in case of breach (within 72 hours) | 1yr 6mos to 5 years | Php500,000 to Php1,000,000 |
Robert Hackett, What to know about the Ashley Madison hack (Aug. 26, 2015), available at http://fortune.com/2015/08/26/ashley-madison-hack/ (last accessed 2/22/17).
http://www.scmp.com/news/hong-kong/politics/article/2082566/laptops-containing-37-million-hong-kong-voters-data-stolen
Available at: http://www.socialtrendsph.com/2016/02/public-school-teacher-in-p800k-debt_37.html
The recipients' email addresses, of which 730 contained people's full names, were entered into the "to" field instead of "bcc", which masks the email addresses of people receiving the message.
Cara McGoogan, NHS sexual health clinic fined 180K for patients' HIV status leak (May 9, 2016). Available at www.telegraph.co.uk/technology/2016/05/09/nhs-sexual-health-clinic-fined-180k-for-patients-hiv-status-leak/ (last accessed Jan. 11, 2017).
Kelly Jackson. Healthcare suffers estimated 6.2 Billion in Data Breaches. Available at
http://www.darkreading.com/threat-intelligence/healthcare-suffers-estimated-$62-billion-in-data-breaches/d/d-id/1325482
A Violation of Privacy is an affront to Human Dignity
Unauthorized use or disclosure may put
Thank you!
Ivy D. Patdu
National Privacy Commission
ivypatdu@privacy.gov.ph
info@privacy.gov.ph