The promulgation of the Data Privacy Act in 2012, and subsequently, its Implementing Rules and Regulations in 2016, required businesses to maintain policies to safeguard received and collected data. The Firm's practice on data privacy emerged to address the needs of its clients in various industries, which are considered to be personal information controllers or processors.
The Firm's experience on data privacy includes:
1. Conducting privacy impact assessment
2. Drafting and institutionalizing data privacy policies
3. Drafting and review of privacy notices/ statements and contracts such as employment contracts, service agreements, and data sharing and outsourcing agreements
4. Conduct of security awareness programs
5. Advising Data Protection and Compliance Officers on data privacy compliance and reporting
The Firm has partnered with a leading information security specialist, which handles the technical aspect of the data privacy compliance.