The Data Privacy Act of 2012, also known as Republic Act 10173, was passed in August 2012 with the aim of protecting the privacy of individuals’ personal information in the public and private sectors’ information communication technology systems.
The goal of the law is to create confidence in the Philippines’ information technology (IT) and business process outsourcing (BPO) industries to attract foreign investors. The implementation of RA 10173 raises the country’s profile in the data privacy aspect, placing it on the same level as other countries.
RA 10173 complies with the Asia Pacific Economic Cooperation’s (APEC) Information Privacy Framework, as well as the European Parliament and Council’s Directive 95/46/EC.
Here’s how the law affects your business.
As mentioned previously, RA 10173 was designed with international standards in mind. Although the requirements and policies for data privacy are much stricter for companies under the law, it also makes compliance with international standards easier.
Compliance with international standards increases the credibility of your company. With stringent data privacy regulations in place, customers and investors have the assurance that their information is secure, giving them more confidence in doing business with you.
Compliance with the Data Privacy Act assures clients that their personal information is being collected and stored in a secure and ethical manner. This creates trust and confidence in the businesses that they are patronizing or investing in, drawing more customers to your operations. Increased customer loyalty signifies more repeat transactions and earnings.
The sheer number of BPO companies that are registered and operating in the country contribute greatly to the national economy. One of the primary concerns of the law is to help these companies gain the confidence of foreign investors who may be having investment jitters because of preconceived notions of lenient data privacy laws in the Philippines. With the law being implemented, an increase in foreign investment can be highly anticipated, leading to increased revenue for the IT-BPO industry.
A rights-based approach
The Data Privacy Act of 2012 was designed after the European Union (EU) Data Privacy Directive, which takes a rights-based approach to data privacy. In other words, it gives the data owner, referred to as the data subject, the right to control their information. Commonwealth republics like Australia, Canada, Singapore, and Hong Kong follow this mode.
The United States, by comparison, takes a market-based approach to data privacy, wherein citizens determine the level of privacy they are most comfortable with as consumers.
In Europe and commonwealth regimes, however, all citizens are automatically given the right to enforce a fixed level of data privacy as dictated by law. Before a company can use one’s data, they must get consent first.
Complying with RA 10173 can be a challenge for companies as it requires them to go through the process of strengthening security measures and registering their data processing systems with the National Privacy Commission (NPC).
However, it gives a competitive advantage to companies that make an effort to comply. Enforcing the said law helps build trust since it shows consumers that their data is being protected, enabling companies to retain existing clients and attract new ones. Compliance can also result in higher sales and greater profitability.
For more information on setting up a business in the Philippines, browse the site. You can also call +1.806.553.6552 (USA) or +63.917.8922337 (Philippines). You may also send your inquiries here.