Running head: INFORMATION AND COMMUNICATION TECHNOLOGY 1

Living in the IT Era

Alyssa Jean Bermejo

John Michael Navarro

John Carlo Santiano

Erica Siarot

Mcvenz Valbarez

BSA 2-7
DATA PRIVACY 2

DATA PRIVACY

Data privacy, also called information privacy, is the aspect of information technology

(IT) that deals with the ability an organization or individual has to determine what data in a

computer system can be shared with third parties.

WHY IS DATA PRIVACY IMPORTANT?

 To prevent third parties from accessing it. Some key information is stored by

businesses in the form of employee records, loyalty schemes, customer details, etc. These

include name, address, phone number, email, bank details, health information, etc. These

are important and sensitive data and needs to be protected from third parties. This

information can be used for identity theft, phishing scams or other types of fraudulent

activities.

 It is the law. According to the Data Protection Act, businesses, organizations and the

government need to abide by certain laws. They must use people’s data in a specified

way and not store it longer than it is necessary. The data must be kept secure and safe. If

anyone violates the data protection law then they may be fined.

 For freedom of choice. A person has the freedom of thought and speech. If there is a

watchful eye on everything that you are browsing on the Internet or on your personal

details, then the privacy is hampered. No one has the right to interfere with a person’s

privacy.

DATA PRIVACY ACT OF THE PHILIPPINES

Republic Act No. 10173, otherwise known as Data Privacy Act of 2012, protects

individuals from unauthorized processing of personal information that is (1) private, not publicly
DATA PRIVACY 3

available; and (2) identifiable, where the identity of the individual is apparent either through

direct attribution or when put together with other available information. It is a law that seeks to

protect all forms of information, be it private, personal, or sensitive. It is meant to cover both

natural and juridical persons involved in the processing of personal information. The DPA’s

Implementing Rules and Regulations was put in effect on September 9, 2016, thus mandating all

companies to comply.

First, all personal information must be collected for reasons that are specified, legitimate,

and reasonable. In other words, customers must opt in for their data to be used for specific

reasons that are transparent and legal. Second, personal information must be handled properly.

Information must be kept accurate and relevant, used only for the stated purposes, and retained

only for as long as reasonably needed. Customers must be active in ensuring that other,

unauthorized parties do not have access to their customers’ information. Third, personal

information must be discarded in a way that does not make it visible and accessible to

unauthorized third parties.

Companies with at least 250 employees or access to the personal and identifiable

information of of at least 1,000 people are required to register with the National Privacy

Commission and comply with the Data Privacy Act of 2012. Some of these companies are

already on their way to compliance — but many more are unaware that they are even affected by

the law.

The National Privacy Commission, which was created to enforce RA 10173, will check

whether companies are compliant based on a company having 5 elements:

DATA PRIVACY 4

1. Appointing a Data Protection Officer

2. Conducting a privacy impact assessment

3. Creating a privacy knowledge management program

4. Implementing a privacy and data protection policy

5. Exercising a breach reporting procedure

Unauthorized processing, negligent handling, or improper disposal of personal

information is punishable with up to six (6) years in prison or up to five million pesos (PHP

5,000,000) depending on the nature and degree of the violation.

5 SIMPLE TIPS TO HELP PROTECT YOUR PERSONAL DATA

Since data privacy is such a prevalent issue, many government organizations and

corporations spend millions of dollars each year to help protect their data—which could include

your PII—from exposure. The average consumer probably doesn’t have that kind of money to

spend. But there are inexpensive steps you can take to help protect your data. Here are a few

suggestions:

1. At home, use a mail slot or locking mailbox, so that thieves can’t steal your mail.

2. Before discarding, shred documents, including receipts and bank and credit card

statements, that contain personal information.

3. Make sure to secure your home Wi-Fi network and other devices so that criminals can’t

“eavesdrop” on your online activity.

4. Don’t automatically provide your Social Security number just because someone asks for

it. Determine if they really need it and, if so, ask how they’ll help protect it.

5. Use strong, unique passwords for all of your online accounts.

DATA PRIVACY 5

One final recommendation to help you keep your data private: Regularly assess the

privacy settings on your social media accounts. If you don’t, you may be sharing a lot more than

just your name with people you’ve never met—and a savvy criminal could use that information

to steal your identity and a lot more.

DATA PRIVACY 6

Bibliography

Amihan. (2017, July 10). The Beginner’s Guide to RA 10173 (Data Privacy Act of 2012).

Retrieved August 2, 2019, from AMIHAN:

https://amihan.net/2017/07/10/beginners_guide_to_ra_10173/

Johnathan, H. (2018, May 11). 3 reasons why data protection is so important. Retrieved AUgust

2, 2019, from PIAFProject: https://www.piafproject.eu/data-protection/importance-of-

data-protection

Rouse, M. (n.d.). data privacy (information privacy). Retrieved aUGUST 2, 2019, from

SearchCIO: https://searchcio.techtarget.com/definition/data-privacy-information-privacy

Symantec. (n.d.). What Is Data Privacy and Why Is it Important? Retrieved August 2, 2019,

from LifeLock: https://www.lifelock.com/learn-identity-theft-resources-what-is-data-

privacy-and-why-is-it-important.html