DATA PRIVACY ORIENTATION
Contributed by Myra AranasDate: March 27, 2018Posted by: Marionette Martinez
The Student Services team, headed by Ms. Myra Arañas, RGC, together with Ms. Raquel Evangelista, RGC, Guidance Services Coordinator, and Dr. Joanne Popanes, Human Resource Services Director, conducted an orientation on Republic Act No. 10173, also known as the Data Privacy of 2012. The session was held on 19 February 2018 in Room 217 for student leaders and on 26 February 2018 in the Viewing Room for non-academic personnel.
The orientation started with an opening prayer followed by video clips giving a brief overview of the law. The government has mandated all institutions to start implementing the policies on the Data Privacy Act of 2012. The policy governs the safety and security of data relating to individuals in the organization. In the context of St. Paul University Manila, this applies to relevant information collected from the students and employees which may be held in the office by concerned employees or a third party affiliated with the institution and which is being used for justifiable purposes.
All collection, processing, and retention of personal data and information must be done in accordance with the following principles:
1. Informed consent is required prior to the collection of all personal data. In order for a data subject to give an informed consent as to the collection and processing of his personal data, he must be informed about the extent and purpose of processing. The consent shall be evidenced by written, electronic, or recorded means, or through an authorized representative of the data subject. Consent is further required for sharing information with affiliates.
2. Personal data shall be processed fairly and lawfully. Processing should ensure data quality. This means the data must always be accurate or must be rectified in case of inaccuracy.
3. Personal data shall not be retained longer than necessary. Any authorized further processing shall have adequate safeguards
The National Privacy Commission has given three general principles for data privacy in the Philippines. First, transparency, where the data subject must be aware of the nature, purpose, and extent of the processing of his/her personal data, including the risks and safeguards involved. Second, legitimate purpose, where the processing of information shall be compatible with a declared and specified purpose, which must not be contrary to law, morals, or public policies. Lastly, proportionality, where the processing of information shall be adequate, relevant, suitable, necessary, and not excessive in relation to a declared and specified purpose.
After presenting the content and guidelines of the law, Ms. Arañas opened the floor for questions from the participants. She also emphasized the important role of each of the staff in the improvement of the systems and processes related to data privacy in their respective units. Ms. Arañas ended the orientation by encouraging everyone to know more about the law by visiting the website of the National Privacy Commission (www.privacy.gov.ph).