PH urged to boost data security
Credit to Author: Tyrone Jasper Piad| Date: Fri, 26 Apr 2019 16:19:21 +0000
Stressing the importance of information security, the New Zealand Privacy Commission urged the Philippines to protect its data from breaches or unauthorized access amid the increasing risks and vulnerabilities in the digital economy.
Speaking before government executives and businessmen during the Data Privacy Council meeting in Manila on Friday, New Zealand Privacy Commissioner John Edwards said a privacy officer should be assigned per agency or organization to monitor information security and compliance.
“It is very important for you to ensure that they have the tools they need to keep your company compliant and safe,” he said.
He said implementing a breach notification system is necessary to alert the privacy commission on data attacks in the country. This would help the agency “critique” the data security systems of units victimized by unauthorized access, he added.
In the Philippines, the National Privacy Commission (NPC) mandates Personal Information Controllers (PICs) to send notification within 72 hours upon discovery of personal data breach, reporting the scope, nature and extent of the attack.
NPC Commssioner Raymund Liboro said the PICs should take measures to protect data subjects once they know about the hacking. The Privacy Data Act dictates “that failure to timely report a data breach is punishable by up to 5 years imprisonment and a fine of up to P1 million upon conviction.”
To reiterate his point, Edwards said, “[Data should be] stored securely and prevent them from being leaked. We have seen problems all around the world and the Philippines hasn’t been immune from them.”
He said one of the major data attacks in the country was the ‘Comeleak’, a security breach involving the Commission on Elections (Comelec) in 2016 when a hacker group got into the commission’s database and posted the personal information of 55 million registered voters, including names, birthdays and addresses, among others, online.
Edwards also called on local privacy officers not to treat complaints as “nuisance” but as a learning tool to understand their jobs better. He shared that, as an official, he was receiving 800 to 900 complaints a year.
Earlier, the NPC said it was coordinating with the Comelec and other involved agencies to ensure that ‘Comeleak is not repeated in the upcoming elections. Liboro pledged to further uphold data privacy and security in the country. ‘The Philippines, just like New Zealand, is aiming for an enhanced enforcement system,” he said.
The post PH urged to boost data security appeared first on The Manila Times Online.