The European Innovation, Technology and Science Center in partnership with the European Chamber of Commerce of the Philippines, Cebu are organizing a 1-day workshop on Data Privacy.
For years, business advocated for a Data Privacy Law. We finally got it. Then we advocated for the implementation of the law. It eventually happened with the establishment of the National Privacy Commission (NPC). The NPC then drafted the Implementing Rules and Regulations, which will take full effect by September this year.
Are we happy? Yes and no.
Yes – because we wanted private data to be protected and we wanted to offer that protection in the Philippines which is good for companies doing international business and are processing data.
No – the implementation of the Law is complicated, opens doors to nuisance legal action, requires the employment of data privacy officers, and makes company executives criminally liable for data privacy breaches.
Does the Law and its IRR affect the Philippines as a destination for data processing, data mining and data analytics?
This workshop will discuss the complex situation, explain the rules and will outline the implementation process.
Why should the C-Level attend with its implementers?
- They will benefit from being Data Privacy compliant, which is important for doing business internationally;
- This will help them avoid risks
|Time||Topic||Session Coverage||Target Audience|
|09:15||Introduction to the Data Privacy Act of 2012||Overview of RA 10173, Rights of a Data Subject and Obligations of PIC’s and PIP’s; ex of LGU as a PIC (vaccination case)||C-Level Executives + Implementing Staff (IT, Finance, HR, Operations, Functional Managers)|
|10:00||Module 1: Appoint a Data Privacy Officer|
Activity: 20 questions to help you determine whether you need a full-time DPO
|Present the roles and responsibilities of a Data Privacy Officer versus that of a Compliance Officer. Do the 20-question assessment and compare your risk rating with the other participants. (Handouts: DPO Advisory, 20-question assessment)||C-Level Executives + Implementing Staff (IT, Finance, HR, Operations, Functional Managers)|
|11:00||Module 2: Conduct a PIA|
Workshop: Privacy Impact Assessment and Privacy by Design
|In plenary, work on the vaccination case. In workgroups, participants will work on case studies to identify privacy risks. Using PbD, they will then identify some possible controls. Groups may use the case studies provided, or use their own. (Handouts: Case worksheets, Circular 16-02, Role Cards)||Implementing Staff (IT, Finance, HR, Operations, Functional Managers)|
|01:30||Module 3: Create a Data Privacy Manual|
Activity: Draft a privacy notice for your company’s website
|Be familiarized with the contents of a data privacy manual and show samples of privacy notices||Implementing Staff (IT, Finance, HR, Operations, Functional Managers)|
|02:15||Module 4: Implement Data Protection Measures|
Workshop: Safety and Security Tips
|Overview of Circular 16-01 and round-robin workshop on safety and security tips. (Handouts: Circular 16-01, Tip cards)||Implementing Staff (IT, Finance, HR, Operations, Functional Managers)|
|03:45||Module 5: Handling Data Breaches|
Workshop: Identifying your Top Threats
|Overview of Circular 16-03 and “charades” activity to act out (and identify) what are the participant’s top threat vectors.||Implementing Staff (IT, Finance, HR, Operations, Functional Managers)|
|04:45||Closing and Photo Session||Remind participants to accomplish evaluation forms|
Damian “Dondi” Mapa
Damian “Dondi” Mapa was the Former Deputy Privacy Commissioner of the Republic of the Philippines in 2016. He previously served as a Commissioner of the Commission on Information and Communications Technology (CICT) from 2004 to 2006. Prior to being appointed Deputy Privacy Commissioner, Mr. Mapa was the National Technology Officer for Microsoft Philippines.
He graduated salutatorian of St. Louis Grade School in Dumaguete, Honor Section of La Salle Green Hills High School, and Business Management Honors Program of the Ateneo de Manila University.
Ms. Rachelle Mae O. Cagurungan
Ms. Rachelle Mae O. Cagurungan was the former Executive Assistant IV of the Deputy Commissioner Damian “Dondi” Mapa of the National Privacy Commission. She graduated in Jose Rizal University took up Bachelor of Science Major in Accountancy. She is currently studying a 2-year program in IT Security.
She has 6 years’ experience in Project Management and Project Finance, handled development projects such as e-Governance for Efficiency and Effectiveness Project under Canadian International Development Agency (CIDA) and IT-BPM Knowledge Hub Project under Asian Development Bank.
* In house programs are also available.
** It is required to have a C-Level attendee attend with at least 1 implementing manager
For confirmations and more information, please contact Ms. Jasmin Runez of ECCP at 845 1324 or email firstname.lastname@example.org