Critical industry sectors processing personal data likely to pose risks to the rights and freedom of their subjects are required to be registered at the National Privacy Commission (NPC) under the Data Privacy Act. The range of companies that come under the act is extensive and includes business process outsourcing (BPO) companies along with along with businesses involved in direct marketing, networking, companies providing reward cards and loyalty programs as well as personal information processors (PIPs) for a personal information controller (PIC), and data processing systems involving automated decision making. Furthermore, under the law, organizations with at least 250 employees and those that process records involving sensitive personal information of 1,000 or more individuals must likewise register their data processing systems with NPC, beginning with the registration of their designated Data Protection Officers (Phase I Registration) by next month, September 9, 2017. The new NPC circular 17-01 provides guidelines for the registration of data processing systems as well as notification requirements regarding automated decision-making.
Join the world's premier outsourcing community
Get the world's leading outsourcing news summary, Inside Outsourcing, delivered to your inbox each week, for free. Plus, benefit from being a part of the fastest growing outsourcing community.
- Breaking news: daily web updates with outsourcing sector updates
- Newshub: Browse over 4,000 outsourcing industry news items
- Access: get outsourcing white papers, guides, articles, videos and podcast episodes
- BPO community: join our extensive outsourcing community
- Cancel anytime: zero obligation, no spam, just great information