All Threads

default avatar
FAQs Non-Life Insurance Sector
Non-Life Insurance 6 months agoBy: jeson.pura

DP COUNCIL

NON-LIFE insurance SECTOR

Frequently Asked Questions

 

Q.1. Should Local Captive Insurance Call Centers be required to use “Mini Miranda” statements? (Disclose calls are being recorded.)

            “Mini Miranda” statements refer to the legal warning debt collectors are required to use under the Fair Debt Collection Practices Act (FDCPA), a US federal law, in their communications with consumers stating that: the contact is from a debt collector, the purpose of the communication is to ...

4     0
default avatar
FAQs Government Sector
Government 6 months agoBy: Glenda Leah Caringal

DP COUNCIL

GOVERNMENT SECTOR

Frequently Asked Questions

 

Q. 1. Please provide an example or a template of a data sharing agreement between government agencies.

A template of a data sharing agreement is shown in the third edition of the NPC Privacy Toolkit. You may get your agency’s copy of the NPC Privacy Toolkit at the NPC office at the 5th Floor, PICC Delegation Building, CCP Complex, Pasay City. You can also find a copy of the NPC Privacy Toolkit online at https://www.privacy.gov.ph/wp-content/files/attachments/nwsltr/3rdToolkit_0618.pdf.

The template may be found on ...

1     0
default avatar
FAQs BPOs
Business Process Outsourcing 6 months agoBy: jetsiang

Does the Data Privacy Act of 2012 apply to Business Process Outsourcing (BPOs) Organizations?

Yes, the Data Privacy Act of 2012 applies to BPOs. While Section 5(f) of the implementing rules of the law provides that the Act and its implementing rules shall not apply to personal information originally collected from residents of foreign jurisdictions (foreign data) in accordance with the laws of those foreign jurisdictions, it goes on to say that the exemption provided is only to the minimum extent of collection, access, use, disclosure or other processing necessary to the specific ...

2     0
default avatar
FAQs - Individual Professionals
Individual Professionals (Lawyers, Physicians, etc.) 6 months agoBy: TJ Mendoza

 

DP COUNCIL

individual professionals SECTOR

Frequently Asked Questions

 

Q. 1. Can we collect personal information and sensitive personal information?

As a general rule, you can collect personal information, unless otherwise prohibited by law. The criteria for lawful processing of personal data can be found in Section 12 of the Data Privacy Act of 2012.

The rule is reversed in the case of sensitive personal information. The processing of sensitive personal information and privileged information shall be prohibited, unless otherwise allowed. The exemptions can be found ...

0     0
default avatar
FAQ Hotels
Hotels 6 months agoBy: issagayas

DP COUNCIL

Hotels SECTOR

Frequently Asked Questions

 

Q. 1. Does the Data Privacy Act of 2012 (DPA) apply to hotels?

The Act applies to the processing of all types of personal information and to any natural and juridical person involved in personal information processing. If you collect, store, use, share, or disclose any information about a person, the Act applies to your establishment.

Aside from hotels, the law also applies to similar accommodation providers like resorts, tourist inns, pension houses, and serviced apartments who process personal information.

 

Q. 2. ...

5     2
default avatar
FAQ Health Maintenance Organizations
Health Maintenance Organization (HMO) 6 months agoBy: reginenoelle.ignacio

DP COUNCIL

HEALTH MAINTENANCE ORGANIZATIONS SECTOR

Frequently Asked Questions

 

1. Corporate coverage plans are usually procured by employers as part of their employee benefits package. The enrollment procedure is usually just a submission of an e-data by the employer containing the employees personal information. Would an undertaking by the employer that it has secured the consent of the employee to have his/her information shared, disclosed, and processed by the Health Maintenance Organization (HMO) be sufficient? Do we also need to keep physical copies of consents of ...

1     0
default avatar
Education Sector FAQs v.2
Education 6 months agoBy: lainelumanog

DP COUNCIL

Education SECTOR

Frequently Asked Questions

 

  • Is the fact that an individual has passed the entrance exam of a school considered personal information about education, and therefore, qualifies as sensitive personal information?

In our Advisory Opinion No. 2018-020, we treated the names of who have passed entrance exams as personal information. As such, the posting of the names of successful examinees were grounded on Section 12 (f) of the Data Privacy Act of 2012 (DPA) as such posting was necessary for the purposes of the legitimate interest of the institution.

5     2
default avatar
Non-Bank Financial Institution (NBFI) FAQs v3
Non-bank Financial Institution 6 months agoBy: TJ Mendoza

DP COUNCIL

Non-Bank Financial Institution

Frequently Asked Questions

 

Q .1. What is NBFI?

NBFI is a financial institution that does not have a full banking license and cannot accept deposits from the public. However, NBFIs do facilitate alternative financial services, such as investment (both collective and individual), risk pooling, financial consulting, brokering, money transmission, and check cashing. NBFIs are a source of consumer credit (along with licensed banks). These non-bank financial institutions provide services that are not necessarily suited to banks, serve as ...

2     0
default avatar
Banks - FAQs
Banks 6 months agoBy: itvillasoto

DP COUNCIL

BANKING SECTOR

Frequently Asked Questions

 

Q. 1. From an institutional perspective, banks have been exerting best efforts to obtain and document the consent of all its customers, specifically the old account holders that have had accounts long before the existence of the Data Privacy Act of 2012 (DPA). We understand that “negative conforme” type of consent is not acceptable. Given the difficulty of obtaining a positive form of consent, aside from achieving a 100% success rate with regards to obtaining consent from the entire client population, is the ...

5     0
default avatar
Compliance of Banks with BSP Requirements and DPA
Banks 7 months agoBy: marian_padin

Will the compliance of banks with BSP requirements be considered compliance with the DPA and IRR? Some requirements overlap. Will NPC defer to the BSP on this matter? We understand that there is a possibility of a memorandum of agreement between NPC and BSP to align their requirements; is there any update on this?

2     6