Featured - 4 items
Philippines’ Data Privacy Act (DPA) is a law that aims to protect individual personal information both in government and private sector. The implementing rules and regulation (IRR) was promulgated in August 2016. Individuals and organizations which fail to comply may be fined up to Php 7 million fine and/or imprisonment, and may suffer reputational damage.
Are you prepared?
Data privacy encompasses the rights of individuals and obligations of organizations with respect to the collection, storage, use, disclosure, retention, and disposal of personal data i.e. across the data life cycle.
Data privacy challenges
- Understanding Data Privacy
- Management of personal data
- Compliance with regulatory requirements (local and global)
- Data security
Understanding Data Privacy
Privacy is one of the foundation of trust in any industry. PwC Risk Assurance - Data Protection & Privacy Services assists client to build trust by helping in proactively addressing privacy. We can help the client to better understand the data privacy within their organization and how it fits within their overall business strategy.
Management of personal data
Client may not be aware of the personal data collected and the purposes for which it is being used. Therefore they are unable to maximize the use of all personal data. Some personal data is distributed across the organization, often sitting within numerous business process and technologies, and as a consequence there are significant challenges in cost and managing of these data. PwC Risk Assurance - Data Protection & Privacy Services provide recommendation to better manage personal data including development of policies and procedures.
Compliance with regulatory requirements (local and global)
With the implementation of local and global Privacy laws, organizations are mandated to comply with the requirements over processing of personal data. With PwC Risk Assurance - Data Protection & Privacy Services understanding of the law and involvement on different data privacy implementation projects, we can assist the client on their data privacy journey.
Data security
PwC Risk Assurance - Data Protection & Privacy Services can help identify the internal and external threats to the security over personal data and and recommend appropriate controls to ensure compliance with relevant regulation and standards. In addition, we can help the client determine if they are well prepared to respond to a breach and test their data security capability.
How we can help
The impact is not just on legal, compliance, or cyber security but also how companies take business decisions, leverage information, and deal with third parties when it concerns personal data. A problem this complex requires multifaceted and holistic approach with involvement of business, legal, technology, and IT security leadership.
PwC’s unique cross competency privacy team of risk and assurance specialists, cyber security experts, and lawyers help organizations understand their data privacy obligations, navigate the underlying technology, demonstrate accountability and build trust with customers, employees and third parties.
Privacy Compliance Advisory Services
Develop relevant requirements based on the Five Pillars of Data Privacy Accountability and Compliance set by National Privacy Commission (NPC).
- Establishment of Data Protection Office (DPO)
- Personal data inventory
- Data privacy manualization
Privacy Managed Services
Assist in the conduct of the Data Protection Office (DPO) functions and activities to implement data privacy measures.
- External Data Protection Office (DPO)
- DPO secondment
Privacy Assessment Services
Perform privacy assessment depending on the client’s need to review the design and effectiveness of the implemented data privacy measures based on the requirements of the law and other applicable standards.
- Privacy impact assessment
- Privacy maturity assessment
- Privacy compliance assessment
Other Privacy Services
- Privacy awareness trainings and workshops
- Contracts review
- Vulnerability Assessment and Penetration Testing (VAPT) readiness assessment
- Information Security Management System (ISMS) readiness assessment
- Technical security reviews
Other services
Related Content
Contact us
Mark Anthony P. Almodovar
Risk Assurance Executive Director, PwC Philippines
Tel: +63 (2) 8845 2728
Follow PwC Philippines
