NPC postpones submission of 2018 Annual Security Incident Report

March 21, 2019 | 4:25 PM GMT+0800 Last Edit: March 22, 2019

The National Privacy Commission (NPC) has postponed indefinitely the submission of the Annual Security Incident Report (ASIR) covering the calendar year 2018.


The Commission is currently revising some of its key processes with a view to enhancing reportorial efficiency and harmonizing documents submissions with the Department of Information and Communications Technology. The revisions aim to improve user experience for Personal Information Controllers (PICs), and Personal Information Processors (PIPs), in the private and public sectors.


The ASIR is a compliance requirement for PICs and PIPs under the Data Privacy Act’s IRR. It is a way to document security incidents, enabling PICs and PIPs to better anticipate risks and threats.


PICs and PIPs are advised to continue documenting security incidents as usual and stay updated on related NPC announcements.


Meantime, those who have accomplished the 2018 ASIR and wish to submit them may still do so any time via email to [email protected], through our digital portal, or by hard copy submission using the current template