Data Privacy Act of 2012 Flashcards
Who does the Commission report to annually regarding its activities?
The President and Congress.
Who is required to maintain the confidentiality of personal data?
Members, employees, and consultants of the Commission.
How long does the duty of confidentiality last
Even after their term, employment, or contract has ended.
What must members, employees, and consultants ensure at all times?
The confidentiality of any personal data that comes to their knowledge and possession.
What government department is the Commission attached to for policy and program coordination?
Department of Information and Communications Technology (DICT)
Does the Commission remain independent despite being attached to the DICT?
Yes, it remains completely independent in performing its functions.
Who heads the Commission, and what is their title?
The Privacy Commissioner, who acts as Chairman of the Commission.
What benefits, privileges, and emoluments does the Privacy Commissioner receive?
Equivalent to the rank of Secretary.
What are the qualifications for the Privacy Commissioner?
At least 35 years old, of good moral character, unquestionable integrity, known probity, and a recognized expert in information technology and data privacy.
How many Deputy Privacy Commissioners assist the Privacy Commissioner?
Two (2) Deputy Privacy Commissioners.
What are the areas of responsibility for each Deputy Privacy Commissioner?
One is responsible for Data Processing Systems, and the other for Policies and Planning.
What are the qualifications for the Deputy Privacy Commissioners?
They must be recognized experts in information and communications technology and data privacy.
What benefits, privileges, and emoluments do the Deputy Privacy Commissioners receive?
Equivalent to the rank of Undersecretary.
What is magna carta?
No one is above the law
Are the Privacy Commissioner, Deputy Commissioners, and their subordinates civilly liable for acts done in good faith while performing their duties?
No, they are not civilly liable for acts done in good faith.
When can the Privacy Commissioner, Deputy Commissioners, or their subordinates be held liable for their actions?
When they commit willful or negligent acts contrary to law, morals, public policy, and good customs.
Does liability apply even if they acted under orders or instructions of superiors?
Yes, they can still be held liable.
What happens if a lawsuit is filed against them for acts done lawfully in the performance of their duties?
The Commission shall reimburse them for reasonable litigation costs.
Who is responsible for implementing security measures to protect personal data?
Personal information controllers and personal information processors.
What type of security measures must be implemented for personal data protection?
Reasonable and appropriate organizational, physical, and technical security measures.
Who is responsible for securing sensitive personal information maintained by the government?
The head of each government agency or instrumentality.
Who monitors government agency compliance with security requirements?
The Commission.
Can a government employee access sensitive personal information without authorization?
No, they must have a security clearance from the head of the source agency.
What is a source agency?
The government agency that originally collected the personal data.