Data Privacy Officer Orientation

The ______________ will be accountable for ensuring compliance by the PIC or PIP with the Data Privacy Act, its IRR, related issuances of the National Privacy Commission, and other applicable laws and regulations relating to data privacy and security

As a PIC or PIP, I am not allowed to outsource or subcontract the DPO functions.

While the responsibility of complying with the DPA, its IRR, issuances by the NPC, and other applicable laws remains with the PIC or PIP, malfeasance, misfeasance, or nonfeasance on the part of the DPO or COP relative to his designated functions may still be a ground for administrative, civil, or criminal liability, in accordance with all applicable laws.

A PIC or PIP, taking into account the complexity of its operations, is not allowed to have more than one data protection officer.

Commission Officer for Privacy” or “COP” refers to an individual or individuals who shall perform some of the functions of a DPO.

An act protecting individual personal information in information and communications systems in the government and the private sector, creating for this purpose a national privacy commission, and for other purposes.

___________ refers to any freely given, specific, informed indication of will, whereby the data subject agrees to the collection and processing of personal information about and/or relating to him or her. Consent shall be evidenced by written, electronic or recorded means. It may also be given on behalf of the data subject by an agent specifically authorized by the data subject to do so.