NPC sets up DPO COMPLex workshop for GOV’T

November 12, 2019 | 2:34 PM GMT+0800 Last Edit: November 12, 2019

The National Privacy Commission (NPC) is set to conduct the DPO COMPLex experiential compliance workshop for government Data Protection Officers (DPOs) on November 13 – 14 at the Luxent Hotel in Quezon City. This following a marked improvement in this year’s DPO registration figures for the sector.

State Universities and Colleges (SUCs) saw the biggest jump in the number of registered entities compared to last year, jumping to 87%. National Government Agencies (NGAs) is next at 73%, followed closely by Government-owned and Controlled Corporations (GOCCs) at 72%, while Local Government Units (LGUs) are at 39%.

In November 2018, registration in the NPC of SUCs was only at 6%, NGAs at 5%, GOCCs at 17%, while LGUS were at 12%.

The surge in numbers is attributed to the NPC’s enhanced compliance program launched beginning January this year, which consisted of intensified privacy sweeps geared towards government institutions as well as compliance awareness campaigns, including the 1st Digital Data Governance for the Public Sector Conference held alongside other events during the Privacy Awareness Week last May.

“As one of the biggest repositories of personal data in the country, it is only imperative that the government fully complies and sets the tenor for all other sectors. Compliance begins once an organization’s Data Protection Officer registers with the NPC. It’s not the be-all, end-all of compliance but it’s the crucial start. It is an indication of accountability and the willingness to cooperate with the Commission. Compliance itself, however, is a journey and takes some time to perfect. We understand that, so, we provide extensive knowledge support to those who are eager to comply,” Liboro said.

The 2-day DPO COMPLex is the result of focused group discussions with DPOs from various government offices who discussed with the NPC the challenges they face at work when instituting compliance-related measures and activities. Day-one (November 13) will be for DPOs in NGAs and LGUs while day-two (November 14) will be for GOCCs and SUCs. It features simulation modules to equip participants with first-hand privacy compliance experience on Data Mapping, Privacy Impact Assessment, Criteria for Lawful Processing, Security Measures, and Breach Management.

By the end of this experiential workshop, participants are expected to be better equipped on how to prepare and maintain records of processing activities of their agencies and create multi-layered privacy notices using these, as well as perform a privacy impact assessment in accordance with NPC Advisory 17-03.

Participating government DPOs are also expected to hone their skills at identifying the appropriate criteria or legal basis for their agency’s personal data processing activities; employing security measures required under NPC Circular 16-01 on security of personal data in government agencies; as well as preparing and implementing data sharing agreements in accordance with NPC Circular 16-02, when applicable.

Lastly, participants are also expected to gain better understanding of how to establish personal data breach management procedures for their respective agencies in accordance with NPC Circular 16-03.

Due to the limited slots available, the DPO COMPLex is strictly by-invitation-only to registered government DPOs. Event registrants are to be accommodated on a first-come, first-served basis.

For other details, interested government DPOs may inquire with Mr. Cleo R. Martinez, Policy Advisor for Government Sector, at 0936-0432973 and 02-8234-2228 local 118.

# # #