The National Privacy Commission (NPC) is experiencing a surge in the registration of data protection officers (DPOs) from the government.
By EDD K. USMAN
Twitter: @edd1819, Instagram: @bluestar0910, Facebook: SDN — Science, Digital & Current News
MORE public sector data protection officers (DPOs) are registering with the National Privacy Commission (NPC).
It is good start for compliance, the government being one of the biggest keepers of citizens’ data.
Following the marked increase in the numbers of DPO registration, the Privacy Commission headed by Commissioner Raymund E. Liboro was prompted to conduct a learning forum to be held on November 13-14 for the public sector.
It will be held at the Luxent Hotel in Quezon City, Metro Manila. The event is titled “DPO COMPLex Workshop for Government”.
In an email to SDN — Science and Digital News, the NPC revealed that “State Universities and Colleges (SUCs) saw the biggest jump in the number of registered entities compared to last year, jumping to 87%. National Government Agencies (NGAs) is next at 73%, followed closely by Government-owned and Controlled Corporations (GOCCs) at 72%, while Local Government Units (LGUs) are at 39%.”
The November 2019 figures dwarf those in the November 2018 registration in the NPC: SUCs was only at 6%, NGAs at 5%, GOCCs at 17%, while LGUs was at 12%.
Liboro’s commission attributed the surge in numbers of registrants to the NPC’s enhanced compliance program launched beginning January this year. The program consisted of intensified privacy sweeps geared towards government institutions as well as compliance awareness campaigns, including the 1st Digital Data Governance for the Public Sector Conference held alongside other events during the Privacy Awareness Week last May.
The privacy commissioner emphasized that the government should the model in compliance to the Data Privacy Law of 2012.
“As one of the biggest repositories of personal data in the country, it is only imperative that the government fully complies and sets the tenor for all other sectors. Compliance begins once an organization’s Data Protection Officer registers with the NPC. It’s not the be-all, end-all of compliance but it’s the crucial start.
“It is an indication of accountability and the willingness to cooperate with the Commission. Compliance itself, however, is a journey and takes some time to perfect. We understand that, so, we provide extensive knowledge support to those who are eager to comply,” Liboro said.
Equipping government DPOs
The 2-day DPO COMPLex is the result of focused group discussions with DPOs from various government offices who discussed with the NPC the challenges they face at work when instituting compliance-related measures and activities.
Day-one (November 13) will be for DPOs in NGAs and LGUs while day-two (November 14) will be for GOCCs and SUCs. It features simulation modules to equip participants with first-hand privacy compliance experience on Data Mapping, Privacy Impact Assessment, Criteria for Lawful Processing, Security Measures, and Breach Management.
By the end of this experiential workshop, participants are expected to be better equipped on how to prepare and maintain records of processing activities of their agencies and create multi-layered privacy notices using these, as well as perform a privacy impact assessment in accordance with NPC Advisory 17-03.
Participating government DPOs are also expected to hone their skills at identifying the appropriate criteria or legal basis for their agency’s personal data processing activities; employing security measures required under NPC Circular 16-01 on security of personal data in government agencies; as well as preparing and implementing data sharing agreements in accordance with NPC Circular 16-02, when applicable.
Lastly, participants are also expected to gain a better understanding of how to establish personal data breach management procedures for their respective agencies in accordance with NPC Circular 16-03.
Due to the limited slots available, the DPO COMPLex is strictly by-invitation-only to registered government DPOs. Event registrants are to be accommodated on a first-come, first-served basis.
For other details, interested government DPOs may inquire with Mr. Cleo R. Martinez, Policy Advisor for Government Sector, at 0936-0432973 and 02-8234-2228 local 118. (NPC/SDN)