edsel linkedin

I’m thrilled to share that OneTrust DataGuidance has recently featured my latest article on the Philippine National Privacy Commission‘s Amendments to the 2021 Rules of Procedure.

In this piece, we discuss key amendments and their practical implications for Personal Information Controllers (PICs), focusing on compliance checks, alternative dispute resolutions (ADR), and NPC orders and decisions.

Read the full article here: https://lnkd.in/gWDHmMr7
Philippines: Updated rules on compliance checks
By Edsel Tupaz
Contributor: Luis Teodoro Pascua

Special thanks to Luis Teodoro Pascua for his invaluable contributions.

At ​Gorriceta Africa Cauton & Saavedra | GorricetaLaw, I lead initiatives in Data Privacy, Cybersecurity, and Artificial Intelligence.

Summary of the Article:

Compliance Checks: The NPC’s Compliance and Monitoring Division (CMD) conducts privacy sweeps, document submissions, and on-site visits (OSVs) year-round, based on risk levels, reports, registration status, unsecured data, and other non-compliance indicators. Actions include issuing warnings, document submission notices, and show cause orders for non-compliance.

Privacy Sweeps: Conducted in public areas, these can result in warnings, document submission notices, or show cause orders. Non-compliance may lead to fines and enforcement actions.

On-Site Visits (OSVs): For persistent issues or significant non-compliance, OSVs now require a five-day notice and specified documents. CMD issues deficiency reports based on OSV findings. PICs and PIPs should review privacy management, ensure data sharing agreements, and document data processing activities.

Alternative Dispute Resolution (ADR): Mediation can now be conducted via videoconferencing. Confirmation conferences ensure settlement compliance, with non-appearance waiving certain rights. Re-application for mediation is allowed unless prohibited due to non-appearance.

Decisions: The rules cover case dismissals, allowing complainants to file cases elsewhere.

Key actions for PICs and PIPs include maintaining compliance documentation, conducting privacy impact assessments, and preparing for ADR scenarios with litigation teams.

See our latest News

Minh Nguyễn Hoàng

Essential Legal Requirements for FDI in Vietnam: Complian...

October 15, 2024

Minh Nguyễn Hoàng

Navigating FDI Restrictions in Vietnam: Opportunities and...

October 15, 2024

Minh Nguyễn Hoàng

Understanding Foreign Ownership Limits in Vietnam: Sector...

October 15, 2024

Alicea Castellanos

DOING BUSINESS IN AMERICAN STATES CAN NOW LEAD TO REPORTI...

October 14, 2024

Alicea Castellanos

HACER NEGOCIOS EN ESTADOS AMERICANOS AHORA PUEDE GENERAR ...

October 14, 2024

Minh Nguyễn Hoàng

How to Obtain a Vietnam Investment Registration Certifica...

October 14, 2024

Minh Nguyễn Hoàng

Demystifying Vietnam’s FDI Screening Process: What ...

October 14, 2024

Sareesh Rawat

Determining Enforceability of Teaming Agreements

October 13, 2024

Minh Nguyễn Hoàng

Comprehensive Guide to FDI Regulations in Vietnam: What I...

October 12, 2024

Minh Nguyễn Hoàng

Mastering the Process of Obtaining Foreign Investment Lic...

October 12, 2024