Personal Data Protection Act Of 2012

data protection act of 2012

What is the personal data protection act of 2012? Data Privacy Act of 2012 (DPA) “to protect the fundamental human right to privacy of communication while ensuring free flow of information to promote innovation and growth. In this article, we will know the summary of this act.

Personal Data Protection Act Of 2012

The Personal Data Protection Act of 2012 is a Philippine law designed for the protection of the personal data of individuals. It aims to set out the rules for the usage and protection of personal data, provide incentives for organizations to implement protective measures, and provide penalties for violations.

To restrict or prohibit the processing of personal data that has violated the law. Also, in breach of the contract entered into by the data user with such data subjects and to require the data user to delete or return such personal data or both;

To restrict or prohibit any other action concerning personal data that is inconsistent with the provisions of this Act. Also, to take measures to prevent further violations of this Act;

To take necessary measures to ensure compliance with this Act. Also, to issue corresponding guidelines, orders, and instructions, subject to civil and administrative sanctions for non-compliance with the same;

The National Privacy Commission is the regulatory body for the enforcement of this Act. The Commission shall be of a Chairman and four Commissioners who shall possess proven competence, integrity, probity, and independence.

Commission

The Commission has the power to issue orders and resolutions to carry out the provisions of this Act. Also, the commission may issue rules and regulations that it deems necessary to carry out its functions under this Act, subject to civil and administrative sanctions for non-compliance with the same.

To set standards that protect personal data and ensure free flow of information, subject to civil and administrative sanctions for non-compliance with the same. Also, to formulate guidelines for the protection of personal data, taking into account the risks in their processing and the nature of the data to be protected.

Not later than six months from the effectiveness of this Act, each agency shall formulate and publish a data privacy policy containing the measures it shall adopt to ensure compliance with this Act. 

Such policy shall be available to the public upon request. Also, each agency shall post in a conspicuous place on its premises a copy of its data privacy policy.

Personal Data

Personal data may only be collected, used, and disseminated for purposes directly related to the services requested. 

It is by the individual concerned or where the individual concerned gives his/her consent. Also, personal data may only be from the individual concerned unless otherwise allowed by law or by the Commission.

Each data user shall implement appropriate measures to ensure the security and confidentiality of personal data, and prevent any unauthorized access, use or disclosure. 

Such data, and regularly evaluate the effectiveness of such measures. Also, each data user shall establish a security incident response team that shall be of any security breach and act on it without delay.

Conclusion

This act restricts the use of personal data to only those who have a business relationship with the individual concerned. Also, the information collected by a data user should be accurate, relevant, and not excessive.

Click to rate this post!
[Total: 0 Average: 0]