DPA Handbook

Download as pdf or txt
Download as pdf or txt
You are on page 1of 12

FACTA ESSENTIALS

RA 10173: DATA PRIVACY ACT (DPA)

Republic of the Philippines


Congress of the Philippines
Metro Manila
Fifteenth Congress
Second Regular Session

Begun and held in Metro Manila, on Monday, the twenty-fifth day of July, two thousand eleven.

[REPUBLIC ACT NO. 10173]

AN ACT PROTECTING INDIVIDUAL PERSONAL INFORMATION IN INFORMATION AND


COMMUNICATIONS SYSTEMS IN THE GOVERNMENT AND THE PRIVATE SECTOR,
CREATING FOR THIS PURPOSE A NATIONAL PRIVACY COMMISSION, AND FOR
OTHER PURPOSES

Be it enacted, by the Senate and House of Representative of the Philippines in Congress assembled:

CHAPTER I
GENERAL PROVISIONS

SECTION 1. Short Title. - This Act shall be known as the “Data Privacy Act of 2012”.
WHY DOES PRIVACY MATTER?

Information can be compromised


without the Individual being aware

May lead to negative effects


on individual

Invasive if done sparingly and


poses risks to democratic life
WHY DOES PRIVACY MATTER?

IDENTITY THIEVES CAN: IMPACT ON VICTIMS:

Get a Loan Denial of credit/loans

Open Credit Cards Denial of public service

Open Utility Accounts Denial of medical care

Apply for a Refund Harassment by collectors

Apply for Employment Lawsuits

Get Medical Care Stress/anxiety

Commit Crime or Fraud Embarrassment

Time/expenses spent on
recovery steps
DATA SUBJECT

PERSONAL DATA -
PERSONAL INFORMATION

DATA SUBJECT The identity of an individual is


apparent or can be reasonably
and directly ascertained
An individual whose personal,
sensitive personal, or privileged
information is processed When put together with other
information would directly and
certainly identify an individual
PERSONAL DATA - SENSITIVE PERSONAL INFORMATION

race, ethnic, origin, health, education, government-issued established by an


marital status, age, genetic or sexual life, identifiers executive order
color, and religious, crimincal history or law as classified
philosophical or information
political affiliations
PROCESSING

collection storage

consultation blocking

operation or any set of recording updating or


operations performed upon modification
personal information use erasure
including, but not limited to:
organization retrieval

consolidation destruction
DPA PRINCIPLES OF DATA PROCESSING

The data subject must be aware of the (i) nature, purpose,


TRANSPARENCY and extent of the processing (ii) risks and safeguards involved,
(iii) the identity of PIC, and (iv) his rights as data subject

The processing shall be compatible with a


LEGITIMATE PURPOSE declared & specified purpose.

The processing shall be adequate, relevant, suitable,


PROPORTIONALITY necessary and not excessive in relation to a declared and
specified purpose.
RIGHTS OF DATA SUBJECTS

Right to be Informed

Right to Object

Right to Access

Right to Correct

Right to Block / Remove

Right to Data Portability

Right to Damages

Right to report to the


National Privacy Commission
MY PRIVACY OBLIGATIONS TO CLIENTS

1 Keep client information private and secure.

2 Do NOT disclose client information unless


authorized to do so by Sun Life or the client.

3 Notify clients that by requesting a proposal


and/or submitting an application, they allow
Sun Life, its employees, service providers
and related parties to process their personal data.
Client data will be retained in the application
system for 1 year.

4 Do NOT keep copies of clients’


application forms or other
documents containing personal data.
Loss or unauthorized disclosure is
punishable under the DPA.
MY PRIVACY OBLIGATIONS TO CLIENTS

5 Assist clients who wish to access their data with Sun Life.
Clients may access their data by filling out an Access
Request Form and submitting it through:

YOU (their Financial Advisors)

submitting the Access Request Form


at any of our Client Service

Email at [email protected]  
MY PRIVACY OBLIGATIONS TO CLIENTS

6 Promptly notify Sun Life of any event that may affect


data protection, or may compromise confidentiality of
personal data through:

Email at [email protected]; or

Email to our Data Protection Officer at


[email protected].

Failure to protect and secure client


information is a violation of the Market
Conduct Guidelines andsubject to sanctions
by Sun Life.

You might also like