Business Process Outsourcing NewsLegislation NewsPart 3 News: Seven Winning Sectors

Senate starts to tackle bill seeking to protect data privacy

THE SENATE has started deliberations on a measure seeking the protection against unauthorized disclosure of data amid advances in technology.

The proposed Data Privacy Act of 2011 under Senate Bill 2965, recommended for approval by the committee on science and technology, proposes safeguards to protect the privacy of personal information of employees in the government and private sector.

“While some companies and government agencies already adhere to stringent regulations on information use, we lack the over-arching policy framework that upholds privacy laws and penalizes individuals for overstepping them,” Senator Edgardo J. Angara, committee chairman, said in his sponsorship speech on the bill.

Defining accountabilities during a security breach on information, he added, will prompt the private and public sectors to beef up data privacy programs.

As a form of deterrent, the bill provides penalties on unauthorized data disclosure to a third party. Violators will be jailed for six months to five years with a fine of P500,000-P1 million. In addition, the unauthorized use of sensitive personal information will entail a fine of P500,000-P2 million and imprisonment of between two years to seven years.

Monetary fine and jail terms were also set against breach of data, unauthorized disclosure to a third party of personal information, and disclosure of sensitive personal information. Personal information as defined by the bill are name and address, while sensitive information include health records, social security number, tax returns and credit card number.

Other penalties were also set for public officers and media practitioners.

Meanwhile, the Senate committee has endorsed the creation of a National Privacy Commission under the Office of the President as implementing agency. It may also recommend to the Department of Justice the prosecution and imposition of penalties to agencies and private entities which fail to provide data security. The commission will also draw up the implementing rules and regulation of the bill within 90 days upon enactment by the President.

Sought for comment, Martin Antonio S. Crisostomo, external affairs executive director of the Business Processing Association of the Philippines, said in a text on Wednesday that “for IT-BPO (information technology-business processing outsource) industry, a Data Privacy Law will pave the way to increased client or investor confidence as it solidifies our commitment of data security to our foreign clients as we process their information here in the Philippines.”

At the House of Representatives, meanwhile, Deputy Majority Leader Roman T. Romulo (Pasig City) has called on the Senate to hasten its approval of the House version that was approved on third and final reading in May.

The appeal, the lawmaker said in a statement, is in line with the comment of Transportation and Communications Secretary Manuel “Mar” A. Roxas II that the Department of Transportation and Communications (DoTC) would challenge technology provider Stradcom Corp. to court for allegedly misusing electronic files of the Land Transportation Office (LTO).

“We will recoup the losses from the unauthorized exploitation of the [LTO database, which is owned by the government. We will file the appropriate cases for restitution,” Mr. Roxas told the Senate committee on finance during a budget hearing.

Stradcom reportedly allowed other entities to obtain access to the LTO database for a fee, without the consent of the government and the individuals whose personal details may have been compromised.

Stradcom is the LTO’s information technology provider.

“The LTO database contains the highly sensitive personal facts of millions of Filipinos, to include all the information in every driver’s license and every certificate of [motor vehicle] registration,” said Mr. Romulo.

“This case has underscored the need for a special law securing the privacy of personal data in our information systems.”

House Bill 4115, the proposed Act Protecting the Privacy of Personal Data in Information Systems authored by Mr. Romulo, is pending in the Senate. The House passed the bill on third and final reading in May.

The bill sets privacy protection rules and provides safeguards against mishandling of records.
==============================================================================
By: RRD
Source: Business World, Oct. 17, 2011
To view the original article, click here.

Comment here