Data Privacy Act

Question 1

“The
right to be let alone

Answer 1

privacy

Question 2

“The obligations of those who receive
information in the context of an intimate
relationship to respect the privacy
interests of those to whom the data relate
and to safeguard that information

Answer 2

confidentiality

Question 3

“The procedural and technical measures required to
(a)prevent unauthorized access, modification, use, and
dissemination of data stored or processed in a computer
system
(b)prevent any deliberate denial of service and
(c)to protect the system in its entirety from physical harm

Answer 3

security

Question 4

“An Act protecting individual personal information and communications systems in then government and the private sector, creating for this purpose a National Privacy Commission, and for other purposes.

Answer 4

data privacy act of 2012 or republic act no. 10173

Question 5

when was the data privacy act approved?

Answer 5

August 15 2012

Question 6

data privacy act of 2012 is consists of?

Answer 6

9 chapters 45 sections

Question 7

Operations performed upon personal information including the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure, or destruction of data

Answer 7

data processing

Question 8

information from which the
identity of an individual is
apparent or ascertained by the
entity holding the information

Answer 8

personal information

Question 9

Person or organization
who controls the
collection, holding,
processing, or use of
personal information

Answer 9

personal information controller (PIC)

Question 10

Any natural or juridical
person qualified to whom
the PIC may outsource the
processing of personal
data pertaining to a data
subject.

Answer 10

personal information processor (PIP)

Question 11

what are the privacy principles of general data?

Answer 11

transparency
legitimate purposes
proportionality

Question 12

Data subject s must
be aware of the
nature, purpose, and
extent o f the
processing of their
personal data.

Answer 12

transparency

Question 13

The processing of
information shall be compatible with a
declared and specified purpose.

Answer 13

legitimate purposes

Question 14

processing of information
shall be adequate, relevant,
suitable, necessary, and not excessive.

Answer 14

proportionality

Question 15

what are the five pillar of compliance?

Answer 15

1 Data Protection Officer
2 Privacy Impact Assessment
3 Privacy management Program
4 Security Measures
5 Breach Management

Question 16

Process undertaken and used to evaluate and manage privacy impacts for each program, process, or measure within the agency that involves personal data.

Answer 16

privacy impact assessment (PIA)

Question 17

Serves to align everyone in the organization in the same direction

Answer 17

privacy management program

Question 18

what are the implement security measures?

Answer 18

organizational
physical
technical

Question 19

what are the preparation of breach?

Answer 19

confidentiality
integrity
availability

Question 20

generating, sending, receiving, storing or otherwise processing
electronic data messages or electronic documents

Answer 20

information and communication system

Question 21

computer system or other similar device by or which data is recorded, transmitted, or stored

Answer 21

information and communication system

Question 22

any procedure related to the recording, transmission or storage of electronic data, electronic message, or electronic document

Answer 22

information and communication system

Question 23

an individual whose personal information is processed

Answer 23

data subject

Question 24

the processing of personal information shall be allowed, subject to compliance with the requirements of this Act and other laws allowing disclosure of information

Answer 24

General Data Privacy Principle

Question 25

Name, Birthplace and Date, Address, Place of work, Gender, Contact Information, Citizenship

Answer 25

personal information

Question 26

means that the data subject has the right to know when his or her personal data shall be, are being, or have been processed

Answer 26

right to be inform

Question 27

involves being able to compel any entity possessing any personal data to provide the data subject with a description of such data in its possession, as well as the purposes for which they are to be or are being processed

Answer 27

right to access

Question 28

consent of the data subject be secured in the collecting and processing of his or her data

Answer 28

right to object

Question 29

grants the data subject the choice of refusing to consent,
as well as the choice to withdraw consent, as regards to
collection and processing

Answer 29

right to object

Question 30

allows the data subject to suspend, withdraw or order the blocking, removal, and destruction of his or her personal information from the personal information controller’s filing system upon discovery and substantial proof that the personal information are incomplete, outdated, false, unlawfully obtained, used for unauthorized purposes, or are no longer necessary for the purposes for which they were collected

Answer 30

right to erasure or blocking

Question 31

allows the data subject to dispute any inaccuracy or error in the personal information processed, and to have the
personal information controller correct it immediately

Answer 31

right to rectify

Question 32

enables the data subject to obtain and electronically move, copy, or transfer personal data for further use

Answer 32

right to data portability

Question 33

with the National Privacy Commission affords a remedy to any data subject who “feels that [his or her] personal
information has been misused, maliciously disclosed, or improperly disposed,” or in case of any violation of his or
her data privacy rights

Answer 33

right to file a complaint

Question 34

entitles the aggrieved data subject to be indemnified for any damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use
of his or her personal information

Answer 34

right to damages

Question 35

Personal Information Controllers (and designated individuals are accountable for processing of personal information under their control or custody

Answer 35

principle of accountability

Question 36

Race or ethnicity, Marital Status, Religion, Health Information, Educational Attainment, Criminal Offense History

Answer 36

sensitive personal information (SPI)

Question 37

made primarily responsible for compliance with the security requirements set by the Data Privacy Act

Answer 37

Heads of Agencies (DICT and NPC)

Question 38

the authority to monitor compliance and
recommend to the agency the necessary action to comply with the minimum standards

Answer 38

National Privacy Commission NPC

Question 39

it is required before a government
employee may be able to access these sensitive personal information

Answer 39

security clearance