Deep Dive Into Data Privacy 09172024


Deep Dive into Data Privacy and Information Security
Reinier J. Estrella
Project Officer II, eHealth Systems Division
Knowledge Management and Information Technology Service, doh.gov.ph
OBJECTIVES:
Fundamentals & Compliance:
• Understand information security, cybersecurity and data privacy principles and concepts.
• Familiarize with relevant regulations and compliance requirements.
Risk Identification & Management:
• Learn privacy risk assessment and security incident management.
Awareness & Culture:
• Promote data privacy and security awareness and compliance.
• Foster a culture of security and privacy within the organization.

Republic of the Philippines, Department of Health (doh.gov.ph)
The Philippine Digital Economy on the Rise
85.16M Internet Users | 84.45M Active Social Media Users | 80.30M Active Facebook Users
Internet users increased by 10 million between January 2022 and January 2023. That is roughly 73% of our population. Internet users increased by 31.4% at the height of the Pandemic.
79.4% of internet users state that staying in touch with family and friends is their main reason for using the internet.
95.7% of Filipino internet users use Facebook at least once a month. Facebook restricts the use of its platform to people aged 13 and above; it is worth highlighting that 93.5% of the "eligible" audience in the Philippines
RECENT CYBERSECURITY BREACHES IN THE PHILIPPINES
• COMELEC Data Breach (2016): 70 million
• Cebuana Lhuillier Marketing Server Branch (2019): 900,000 clients
• PhilHealth Medusa Attack (2023): 735 GB of files
• Wendy's Philippines (2019): 82,000 customers and employees
• UPCB (2020): 167 million pesos
• Independence Day Cyber Attacks (2020)
• Jollibee Food Corp.: 650 million records of 35M customers
PHILIPPINE CYBERSECURITY LANDSCAPE
COMMON TYPES OF CYBER SECURITY THREATS
• Malware
• Phishing
• Denial-of-Service
• Password Attacks
• Man-in-the-Middle
• Social Engineering
• Zero-Day Exploits
• SQL Injection
• Cross-Site Scripting
• Supply Chain Attacks
WHY DO WE
NEED PRIVACY
IN THE DIGITAL
AGE?
MODULE 1a: INFORMATION SECURITY & PRIVACY POSTURE
LARGEST RECORDED DATA BREACHES RELATED TO HEALTH INFORMATION
• Anthem, Inc (2015): largest healthcare data breach in history, with 78.8 million records exposed. The breach was caused by a hacker who gained access to Anthem's IT systems. (https://www.bankinfosecurity.com/new-in-depth-analysis-anthem-breach-a-9627)
• Premera Blue Cross (2015): This data breach affected 11 million people. The breach was caused by a hacker who gained access to Premera's IT systems. (https://www.zdnet.com/article/premera-blue-cross-accused-of-destroying-evidence-in-data-breach-lawsuit/)
• Excellus Health Plan (2015): This data breach affected 10.6 million people. The breach was caused by a hacker who gained access to Excellus' IT systems. (https://www.hipaajournal.com/healthcare-data-breach-statistics/)
• Community Health Systems (2017): This data breach affected 4.5 million people. The breach was caused by a hacker who gained access to Community Health Systems' IT systems. (https://www.hipaajournal.com/healthcare-data-breach-statistics/)
• Optum360 (2018): This data breach affected 11.5 million people. The breach was caused by a hacker who gained access to Optum360's IT systems. (https://www.hipaajournal.com/healthcare-data-breach-2019-report/)
The ASEAN Digital Masterplan 2025
Developed at the onset of the Pandemic, it focuses on ASEAN becoming both a digital economy and a digital society.
1. Actions of the ADM 2025 prioritized to speed ASEAN recovery from COVID-19
2. Increase in the quality and coverage of fixed and mobile broadband infrastructure
3. The delivery of trusted digital services and the prevention of consumer harm
4. A sustainable competitive market for the supply of digital services
5. Increase in the quality and use of e-government services
6. Digital services to connect businesses and to facilitate cross-border trade
7. Increased capability for businesses and people to participate in the digital economy
8. A digitally inclusive ASEAN society
The ASEAN Focus on Digitalization & Cybersecurity
The ASEAN Digital Integration Index and its pillars were conceptualized as a means for policymakers in ASEAN to assess and evaluate the region's digital integration efforts based on the six priorities identified in the DIF (ASEAN Digital Integration Framework).
ASEAN Digital Integration Index: Findings on the Philippines
The highest scoring pillar for the Philippines is Pillar 2 on Data Protection and Cybersecurity. The Philippines was the front runner in ASEAN in enacting the Data Privacy Act in 2012.
LOW ON DIGITAL ID AND PAYMENTS
The Philippines had two indicators with missing data, namely indicators 3.4 and 3.5, relating to the proportion of people who have a digital ID card and the degree to which a digitized ID system is in place, respectively. Digital Payments and Identities is also the lowest performing pillar for the Philippines.
GLOBAL VIEWPOINT
CYBERCRIME DAMAGE
Cybercrime and cyber insecurity are new entrants into the Top 10 rankings of the most severe global risks over the next decade, according to the World Economic Forum.
During Q2 2023, the Education/Research sector experienced the highest number of attacks, with an average of 2179 attacks per organization per week, marking a 6% decrease compared to Q2 2022. The Government/Military sector was the second most attacked, with an average of 1772 attacks per week, which represents a 9% increase from the parallel period last year. The Healthcare sector followed closely behind, with an average of 1744 attacks per week, reflecting a significant YoY increase of 30%.
GLOBAL RANKING
Based on statistics gathered from the National Cyber Security Index, reports show that the Philippines ranks 46th out of 176 countries overall and 4th out of 10 countries in the ASEAN region.
CYBER ATTACKS
Kaspersky Security Network (KSN): the Philippines moved up two places, ranking 2nd (49.8%) among countries most attacked (1st Mongolia 51.1%, 3rd Ukraine 49.6%).
Bawat Pilipino (Every Filipino)
Bawat Komunidad (Every Community)
Bawat Health Worker at Institusyon (Every Health Worker and Institution)
Leverage digital health and technology for efficient and accessible health service delivery.
STRATEGIC INTERVENTIONS
01 Increase efficiency and productivity in service delivery by harnessing digital health technologies
02 Streamline administrative processes and data management in the DOH and the health sector through digital transformation
03 Improve benefit payment processing through leveraging data services and innovative technologies
04 Engage the private sector in digitalization initiatives in health

6,787,410,968
Total Number of Security Incidents Reported (2018-2023), based on the DBNMS of the National Privacy Commission
Top 3 General Causes of Data Breach
• MALICIOUS ATTACK: 211 reports
• HUMAN ERROR: 202 reports
• MALICIOUS ATTACK + HUMAN ERROR: 41 reports

Top 3 General Causes of Data Breach (detail)
HUMAN ERROR: Accidental Email, Loss of Documents, Loss of Equipment, Misdelivered Documents, Misuse of Resources, Negligence, Undertrained Staff, Others.
MALICIOUS ATTACK: Hacking (Cloud, Database, Email Account, Infrastructure, Man-in-the-Middle, SQL Injection, Server, Website, Ransomware, Trojan Horse, Virus), Phishing, Smishing, Social Engineering, Theft, Others.
MALICIOUS ATTACK + HUMAN ERROR: Misuse of Resources, Phishing, Smishing, Social Engineering, Unauthorized Access, Hacking, Stolen Devices, Negligence, Insider Threat, Undertrained Staff, Others.
Recent Cyber Threat Reports from the DOH
2021:
- Recorded a total of 4,215 cybersecurity incidents based on the report of the DICT-CERT-PH SOC, from data privacy concerns, cyberattacks, and phishing.
2022:
- Most targeted assets/endpoints are websites, web servers, application systems and databases.
- Reported multiple malicious website redirections (Status: Closed and remediated) with continuous engagement with the DICT.
- Provided Incident Notification Reports.
- Actions and progress updates are all reported until the incident has been mitigated.
2023 (DOH Central Office only):
- Mandatory Breach Notification to the NPC and CICC: 2
- Other security incidents: 464
  -> Others/Malware false positive: 375
  -> Others/Malware true positive: 85
  -> Others/Phishing: 1
  -> Hacking: 2
  -> Social Media Hacking: 1
MODULE 1b:
INFORMATION SECURITY &
PRIVACY LEGISLATIONS, POLICIES
& REGULATIONS
LEGISLATIONS
• R.A. 7394, Consumer Act of 1992: The Law was enacted to protect the interests of consumers through the promotion of public health and safety measures, and the prevention of deceptive and unfair acts of unscrupulous businessmen.
• R.A. 8792, Electronic Commerce Act of 2000: Facilitates domestic and international transactions through the utilization of electronic mediums and technology to recognize the authenticity and reliability of electronic documents.
• R.A. 9775, Anti-Child Pornography Act of 2009: An act defining the crime of child pornography, prescribing penalties therefor and for other purposes.
• R.A. 9995, Anti-Photo and Video Voyeurism Act of 2009: It protects the victims who are made to believe that they are performing sexual acts in private.
LEGISLATIONS
• R.A. 10173, Data Privacy Act of 2012: Aims to protect personal data in information and communications systems both in the government and the private sector.
• R.A. 10175, Cybercrime Prevention Act of 2012: An Act defining cybercrime, providing for the prevention, investigation, suppression and the imposition of penalties therefor and for other purposes.
• R.A. 9208 / 10364, Anti-Trafficking in Persons Act of 2003: Institutes policies to eliminate trafficking in persons, especially women and children. It establishes the necessary institutional mechanisms to protect and support trafficked persons and provides penalties for violations.
• R.A. 10515, Anti-Cable Television and Cable Internet Tapping Act of 2013: Aims to protect the Cable Television and Cable Internet industries from cable pilferage.
LEGISLATIONS
• R.A. 10627, Anti-Bullying Act of 2013: Seeks to address a hostile environment at school that disrupts the education process which, in turn, is not conducive to the total development of a child at school.
• R.A. 10667, Philippine Competition Act of 2015: An Act promoting and protecting competitive markets.
• R.A. 10844, DICT Act of 2015: An Act creating the Department of Information and Communications Technology (DICT), defining its powers, authority, functions and mandates.
• R.A. 10929, Free Internet Access in Public Places Act of 2017: This law establishes a program that will provide free access to internet service in public places throughout the Philippines.
LEGISLATIONS
• R.A. 11313, Safe Spaces Act of 2018: Covers all forms of gender-based sexual harassment (GBSH) committed in public spaces, educational or training institutions, the workplace, as well as online space.
• R.A. 8484 / 11449, Access Devices Regulation Act of 1998: An Act regulating the issuance and use of access devices, prohibiting fraudulent acts committed relative thereto, providing penalties and for other purposes.
• R.A. 9372 / 11479, Anti-Terrorism Act of 2020: An act preventing, prohibiting and penalizing acts of terrorism.
• R.A. 4200, Anti-Wire Tapping Law of 1965: Prohibits and penalizes wire tapping done by any person to secretly overhear, intercept, or record any private communication.
LEGISLATIONS
• R.A. 11055, Philippine Identification System Act: Establishment of a single national identification system for all citizens and resident aliens of the Republic of the Philippines.
• Executive Order No. 2, Series of 2016, Freedom of Information: FOI allows Filipino citizens to request any information about government transactions and operations, provided that it shall not put into jeopardy privacy and matters of national security.
RELATED DOH ISSUANCE:
• Creation of Unit Computer Emergency Response Team (UNIT-CERT)
• Creation of the Data Privacy and Protection Unit (DPPU)
• Registration of Personal Data Processing System and Data Protection Officers to
the National Privacy Commission Registration System (NPCRS)
• DOH Cybersecurity Framework
• Display of the DOH NPC Seal of Registration and Certificate of Registration
• Annual Security Incident Reporting Protocol and Reporting Templates
• Ensuring Holistic Compliance with the Data Privacy Act (DPA), its Implementing
Rules and Regulations (IRR), and other relevant issuances by the NPC
MODULE 2:
REPUBLIC ACT 10173:
THE DATA PRIVACY ACT
OF 2012
MODULE 2a:
KEY CONCEPTS
WHAT IS PRIVACY?
Privacy is mainly defined as a human value consisting of 4 rights: solitude, anonymity, intimacy and reserve. (G. Stamatellos 2007, p. 26)
WHAT IS THE RIGHT TO PRIVACY?
"the right to be let alone – the most comprehensive of rights and the right most valued by civilized men."
Brandeis, J., dissenting in Olmstead v. United States, 277 U.S. 438 (1928)
PERSONAL
INFORMATION
Any information whether recorded
in a material form or not, from
which the identity of an individual
is apparent or can be reasonably
and directly ascertained by the
entity holding the information, or
when put together with other
information would directly and
certainly identify an individual.
SENSITIVE PERSONAL INFORMATION
Personal information that is about an individual's:
• Race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations
• Health, education, genetic or sexual life of a person, or any proceeding for any offense committed or alleged to have been committed by such person, the disposal of such proceedings, or the sentence of any court in such proceedings
• Information issued by government agencies peculiar to an individual which includes, but is not limited to, social security numbers, previous or current health records, licenses or their denials, suspension or revocation, and tax returns
• Information specifically established by an executive order or an act of Congress to be kept classified
PRIVILEGED INFORMATION
Any and all forms of data which under the Rules of Court and other pertinent laws constitute privileged communication.
• Marital communications privilege
• Attorney-client privilege
• Physician-patient privilege
• Confessional privilege
• Privileged communications to public officers
[Diagram: DATA SECURITY and DATA PRIVACY, with PERSONAL INFORMATION and SENSITIVE PERSONAL INFORMATION as nested categories. Labels shown: Age, Genetic or Sexual Life, Education, Health, Gov't Issued Number, Color, Criminal Record, Race/Ethnic Origin, License, Tax Returns, Marital Status, Health Record, Political Affiliation, Religious Belief, Personal Identification Number.]
THE KEY PLAYERS
• DATA SUBJECT: An individual whose personal information is processed.
• PERSONAL INFORMATION CONTROLLER: Person or organization who controls the processing and use of personal information.
• PERSONAL INFORMATION PROCESSOR: Any individual or legal entity subcontracted by the personal information controller to process personal data.
THE PLAYING GROUNDS
• National Privacy Commission: implements and administers RA 10173.
• Personal Information Controllers: order and control the collection, holding and processing or use of personal information.
• Personal Information Processors: personal information controllers may outsource the processing of personal information to them.
• Data Subjects: any individual whose personal information is processed.
DATA PRIVACY ACT
It is the policy of the state to protect the fundamental right of privacy of communication while ensuring free flow of information to promote innovation and growth.
[Diagram: DATA PRIVACY (Personal Information) balanced against FREE FLOW (Freedom of the Press; National Security and Public Safety; Right to Information).]
DATA PRIVACY ACT OF
2012
1.PROTECTS the privacy of individuals
while ensuring free flow of information
to promote innovation and growth
2.REGULATES the collection, recording,
organization, storage, updating or
modification, retrieval, consultation,
use, consolidation, blocking, erasure or
destruction of personal data; and
3.ENSURES that the Philippines complies
with international standards set for
data protection through the National
Privacy Commission.
PUNISHABLE ACTS AND PENALTIES
Where two imprisonment ranges are given, the first applies to personal information and the second to sensitive personal information (R.A. 10173, Sections 25 to 33).
Punishable Act | Imprisonment | Fine (Pesos)
Unauthorized Processing | 1y to 3y / 3y to 6y | 500k to 4m
Access due to Negligence | 1y to 3y / 3y to 6y | 500k to 4m
Improper Disposal | 6m to 2y / 1y to 3y | 100k to 1m
Unauthorized Purposes | 18m to 5y / 2y to 7y | 500k to 2m
Intentional Breach | 1y to 3y | 500k to 2m
Concealing Breach | 18m to 5y | 500k to 1m
Malicious Disclosure | 18m to 5y | 500k to 1m
Unauthorized Disclosure | 1y to 3y / 3y to 5y | 500k to 2m
Combination of Acts | 3y to 6y | 1m to 5m
MODULE 2b:
INFORMATION SECURITY
& DATA PRIVACY
PRINCIPLES
CONFIDENTIALITY
Definition: Confidentiality refers to the protection of sensitive information from unauthorized access, disclosure, or exposure. It ensures that data is only accessible to individuals or entities with the proper authorization or need-to-know.
Objective: The primary goal of confidentiality is to maintain the privacy and secrecy of sensitive data. This includes personal information, trade secrets, financial records, and any data that, if disclosed, could lead to harm, breaches of privacy, or legal consequences.
Examples: Encryption, access controls, user authentication, and secure data transmission are measures commonly employed to preserve confidentiality.
INTEGRITY
Definition: Integrity relates to the accuracy and trustworthiness of data and systems. It ensures that data remains unchanged and uncorrupted during storage, processing, or transmission.
Objective: The main objective of integrity is to prevent unauthorized or unintentional alterations to data. It ensures that data remains reliable and trustworthy for decision-making and business processes.
Examples: Hash functions, digital signatures, and version control systems are used to verify the integrity of data and detect any unauthorized modifications.
AVAILABILITY
Definition: Availability refers to the accessibility and uptime of data, systems, and services when needed by authorized users. It ensures that resources are consistently accessible and operational.
Objective: The primary goal of availability is to minimize downtime and ensure that systems and data are readily accessible, particularly in the face of unexpected events such as hardware failures, natural disasters, or cyberattacks.
Examples: Redundancy, backup systems, disaster recovery plans, and load balancing are strategies to enhance availability and maintain continuous operations.
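As an added example (not part of the original slides and not DOH code), the script below shows the caveat behind "hash functions ... are used to verify the integrity of data": an unkeyed hash stored beside a record catches accidental corruption, but an insider who can rewrite both the record and its hash is not caught. A keyed hash (HMAC) under a key the writer does not hold catches both cases; a digital signature gives the same guarantee with a private key that only the signer holds. The record, key and tampering scenarios are constructed for illustration.

```python
"""Integrity check for a stored record: unkeyed SHA-256 vs HMAC-SHA256.

Constructed example; the record, key and tampering scenarios are made up.
"""
import hashlib
import hmac
import json
import secrets
from typing import Optional

# Constructed sample record; no real patient data.
RECORD = {
    "patient_id": "PH-000123",
    "diagnosis": "hypertension",
    "income_class": "indigent",
}


def canonical(record: dict) -> bytes:
    """Deterministic serialization: key order and whitespace must not change the digest."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")


def plain_digest(record: dict) -> str:
    """Unkeyed SHA-256 over the record: detects accidental corruption only."""
    return hashlib.sha256(canonical(record)).hexdigest()


def keyed_tag(record: dict, key: bytes) -> str:
    """HMAC-SHA256: also detects deliberate modification by anyone without the key."""
    return hmac.new(key, canonical(record), hashlib.sha256).hexdigest()


def verify_plain(record: dict, digest: str) -> bool:
    # compare_digest avoids leaking where the comparison diverges via timing.
    return hmac.compare_digest(plain_digest(record), digest)


def verify_keyed(record: dict, tag: str, key: bytes) -> bool:
    return hmac.compare_digest(keyed_tag(record, key), tag)


def integrity_scenarios(key: Optional[bytes] = None) -> dict:
    """Run two failure modes and report whether each mechanism catches them."""
    key = key or secrets.token_bytes(32)
    stored_digest = plain_digest(RECORD)
    stored_tag = keyed_tag(RECORD, key)

    # Scenario 1: accidental corruption (e.g. a bit flip on disk). The stored
    # digest and tag still belong to the original record, so both checks fail.
    corrupted = dict(RECORD, diagnosis="hypertensiom")

    # Scenario 2: an insider with write access to the table changes the record
    # and recomputes the unkeyed digest. Without the HMAC key they can only
    # leave the old tag in place, so only the keyed check fails.
    tampered = dict(RECORD, income_class="non-indigent")
    attacker_digest = plain_digest(tampered)

    return {
        "corruption_caught_by_hash": not verify_plain(corrupted, stored_digest),
        "corruption_caught_by_hmac": not verify_keyed(corrupted, stored_tag, key),
        "tampering_caught_by_hash": not verify_plain(tampered, attacker_digest),
        "tampering_caught_by_hmac": not verify_keyed(tampered, stored_tag, key),
    }


if __name__ == "__main__":
    for name, caught in integrity_scenarios().items():
        print(f"{name}: {'detected' if caught else 'MISSED'}")
```

The practical point for a controller or processor: the HMAC key (or signing key) must be held outside the system that writes the records, otherwise the keyed check degrades to the unkeyed one.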
MODULE 2c:
INFORMATION SECURITY
& DATA PRIVACY
PRINCIPLES
THE DATA PRIVACY PRINCIPLES
• Transparency
• Legitimate Purpose
• Proportionality
• Fairness
• Data Minimization
• Accountability
• Accuracy
EXCEPTIONS TO THE DPA
• Government officers & employees
• Contractors
• Discretionary benefits
• Journalistic, artistic, literary & research
• To carry out functions of public authority
• Compliance with RA 9510 & RA 9160
• Residents of foreign jurisdictions
DATA PRIVACY PRINCIPLES: LEGITIMATE PURPOSE
Legal bases for processing personal information:
• Consent
• Contract
• Legal obligation
• Law & regulation
• Medical treatment / to protect life
• Court proceeding / legal claims
• Public safety & order
DATA PRIVACY PRINCIPLES: LEGITIMATE PURPOSE
Sensitive personal information & privileged information may be processed when:
• CONSENT: Consent is given by the data subject, or by the parties to the exchange of privileged information, prior to the processing of the sensitive personal information or privileged information, which shall be undertaken pursuant to a declared, specified, and legitimate purpose;
• REQUIRED BY LAW: The processing of the sensitive personal information or privileged information is provided for by existing laws and regulations: Provided, that said laws and regulations do not require the consent of the data subject for the processing, and guarantee the protection of personal data;
• LIFE & HEALTH: The processing is necessary to protect the life and health of the data subject or another person, and the data subject is not legally or physically able to express his or her consent prior to the processing.
DATA PRIVACY PRINCIPLES: LEGITIMATE PURPOSE
DATA SHARING PRINCIPLES
Transfer of personal data to another personal information controller (PIC) or personal information processor (PIP) shall adhere to the data privacy principles stated in section V.
Requesting parties shall present appropriate documents prior to the transfer of personal data: CONSENT, DSA, SLA, MOA.
DATA PRIVACY PRINCIPLES: LEGITIMATE PURPOSE
VALID FORM OF CONSENT
Any freely given, specific, informed indication of will, whereby the data subject agrees to the collection and processing of personal information about and/or relating to him/her. It shall be evidenced by written, electronic or recorded means.
The following do not constitute valid consent:
⮚ Waiver of all rights under the DPA
⮚ Bundled consent
⮚ Opt-out
DATA PRIVACY PRINCIPLES: TRANSPARENCY
DATA SHARING AGREEMENTS OVERVIEW
Data sharing between government agencies for the purpose of a public function or provision of a public service shall be covered by a data sharing agreement.
A data sharing agreement covers: purpose; identity of PIC/PIP; duration; control measures; accessibility; online access; disposal; other terms.
DATA PRIVACY PRINCIPLES: TRANSPARENCY
Data subjects should be informed of the following:
• Nature of the personal data
• Purpose of collection
• Extent of the processing of his or her personal data
• Risks & safeguards involved
• Identity of the Personal Information Controller
• Rights as a data subject & how these can be exercised
DATA PRIVACY PRINCIPLES: TRANSPARENCY
RIGHTS AS A DATA SUBJECT
• Right to be Informed
• Right to Object
• Right to Access
• Right to Rectification
• Right to Erasure or Blocking
• Right to Damages
• Right to Data Portability
• Right to File a Complaint
DATA PRIVACY PRINCIPLES: PROPORTIONALITY
The processing of information shall be adequate, relevant, suitable, necessary, and not excessive in relation to a declared and specified purpose. Personal data shall be processed only if the purpose of the processing could not reasonably be fulfilled by other means.
The more you collect, the more you need to protect.
WORKSHOP 1: Inventory of Data
Processing Systems
Goldberry Lite Hotel, Iloilo City
September 23-26, 2024
Privacy Impact Assessment
Training and Workshop with
DPA Capacity Enhancement
on Cyber Security Framework
WORKSHOP 1: https://bit.ly/DPAW1
Workshop 1: Personal Data Processing Systems
Instructions:
• List down all known data processing systems (manual/digital) and classify the data they hold (Personal Information / Sensitive Personal Information / Privileged Information).
• Identify whether each Data Processing System is operated as a PIP or as a PIC.
Example entry:
Name of Data Processing System: EWEBPAIS / MAIS
Description: Official program application for the management of the DOH indigency funds.
Basis for Processing: RA 11463; AO No. 2023-0016; DM 2012-0032; DM 2022-0440
Information being Processed (Type of Information, PI/SPI/PrI): Patient's Full Name (PI), Birthdate (SPI), Contact information (PI), Address (PI), PhilHealth Number (SPI), Monthly Income (PI), Income Classification (PI), Diagnosis (SPI)
MODULE 3:
COMPLIANCE FRAMEWORK
5 PILLARS OF COMPLIANCE TO THE DPA
1. Designate a DPO
2. Conduct a PIA
3. Write your Privacy Management Plan and Privacy Manual
4. Implement Privacy and Protection Measures
5. Regularly Exercise your Breach Reporting Process
MODULE 3a:
THE DATA PROTECTION
OFFICER
DESIGNATING A DATA PROTECTION OFFICER
"The PIC shall designate an individual or individuals who are accountable for the organization's compliance with the Data Privacy Act. The identity of the individual(s) so designated shall be made known to any data subject upon request."
The DPO: ensures compliance; ensures conduct of PIA; advises the PIC on data subjects' rights; reports incidents/breaches; cultivates privacy awareness; advocates privacy by design (PBD); coordinates with the NPC.
DUTIES AND RESPONSIBILITIES OF THE DPO
1. Monitor your agency's compliance with the DPA, its IRR, issuances by the NPC and other applicable laws and policies.
2. Ensure conduct of Privacy Impact Assessments.
3. Advise the PIC or PIP regarding complaints and/or the exercise by data subjects of their rights.
4. Ensure proper data breach and security incident management, and data breach reporting to the NPC.
5. Inform and cultivate awareness on privacy and data protection within the organization.
6. Advocate and adopt a PRIVACY BY DESIGN approach.
7. Serve as the link between the PIC/PIP and the NPC.
8. Cooperate, coordinate and seek advice of the NPC regarding matters concerning data privacy and security.
9. Perform other duties and tasks that may be assigned by the PIC/PIP that will further the interest of data privacy and security and uphold the rights of data subjects.
THE COMPLIANCE OFFICER FOR PRIVACY (COP)
An individual or individuals who perform some functions of the DPO in particular cases.
The COP shall perform all other functions of a DPO except items 1 to 3. Where appropriate, he or she shall also assist the supervising DPO in the performance of the latter's functions.
(DPO functions: ensures compliance; ensures conduct of PIA; advises the PIC on data subjects' rights; reports incidents/breaches; cultivates privacy awareness; advocates PBD; coordinates with the NPC.)
OPTIONS FOR SELECTING A DATA PRIVACY OFFICER
• Hire or appoint
• Designate
• Outsource or subcontract
INDEPENDENCE, AUTONOMY & CONFLICT OF INTEREST
A DPO must be independent in the performance of his or her functions, and should be accorded a significant degree of autonomy by the PIC or PIP. In his or her capacity as DPO, an individual may perform (or be assigned to perform) other tasks or assume other functions that do not give rise to any conflict of interest.
Source: NPC Advisory No. 2017-01
WHO CAN BE APPOINTED AS DPO?
• Specialized knowledge and demonstrated reliability
• Sufficient understanding of the processing operations being carried out by the PIC or PIP
• Knowledge by the DPO/COP of the field/sector of the PIC/PIP
• Full-time or organic employee of the PIC/PIP
• In the government, may be career or appointive. Designations are legally accepted.
CICC Recommendations on the Minimum Qualifications for the DOH DPO
1. A licensed lawyer in the Department;
2. With established expertise on relevant legislations, policies, ethical and compliance frameworks, standards, and practices on privacy and data protection; and
3. Has passed the DPO Accountability, Compliance, and Ethics (ACE) Program - Level 1 Certification of the National Privacy Commission (NPC).

REGISTRATION OF PERSONAL DATA PROCESSING SYSTEMS AND DATA PROTECTION OFFICERS TO THE NPCRS
DOH Department Memorandum 2023-0243
Requirements for Registration of Personal Data Processing System/s and Data Protection Officers:
• Department Personnel Order, Hospital Order, Office Order, or any similar document, designating or appointing the Data Protection Officer of the Personal Information Controller (PIC).
• Official/dedicated email and contact information. The DPO's email must be maintained at all times to ensure that the NPC is able to communicate with the DOH Unit. The NPCRS will also send a One-Time Pin (OTP) to this email every time the DOH Unit logs in. Please note that the email shall be a unique and official email address specific to the DPO of the DOH Unit, and not one tied to the person who is the DPO.
• Brief description per Personal Data Processing System should contain the following:
  • name of the system;
  • basis for the processing of information;
  • purpose of the processing;
  • whether processing is being performed as a PIC or as a Personal Information Processor (PIP); if an organization uses the same system as a PIC and as a PIP, then the organization shall register such usage separately;
  • whether the system is outsourced or subcontracted, and if so, the name and contact details of the PIP;
  • description of the category or categories of data subjects, and their personal data or categories thereof;
  • recipients or categories of recipients to whom the personal data might be disclosed;
  • description of security measures (Organizational, Physical, and Technical);
  • general information on the Data Life Cycle (Time, Manner, or Mode of Collection, Retention Period, and Disposal/Destruction/Deletion Method/Procedure);
  • whether personal data is transferred outside of the Philippines; and
  • the existence of Data Sharing Agreements with other parties.
Mandatory Appointment of DPO in the Government
A Government Agency is required to designate and register a DPO with a rank not lower than an Assistant Secretary or Executive Director IV in case the highest ranking official is a Department Secretary or a position of equivalent rank; at least Director IV level in case the highest ranking official is an Undersecretary or a position of equivalent rank; at least Director II level in case the highest ranking official is an Assistant Secretary or a position of equivalent rank; and at least a Division Chief in case the highest ranking official is a Regional Director or a position of equivalent rank. For Local Government Units (LGUs), the Provincial, City and Municipal levels shall designate and register a DPO with a rank not lower than Department Head.
Cities and Municipalities can designate a COP at the Barangay level, provided that the COP shall be under the supervision of the DPO of the corresponding City or Municipality that the Barangay is part of.
Department Memorandum 2023-0243: Registration of Personal Data Processing System and Data Protection Officers to the National Privacy Commission Registration System (NPCRS)
Schedule of Fees and Charges of the NPC: NPC Circular 2023-01
MODULE 3b:
PRIVACY IMPACT ASSESSMENT (OVERVIEW)

PRIVACY IMPACT ASSESSMENT
A PIA is a tool for identifying and assessing privacy risks throughout the development life cycle of a program or system.
THE PIA SHOULD IDENTIFY:
• Legitimate Purpose of Processing
• Risks and Effects of Processing
• Current Protection Measures
• Best Practices & Recommendations
PRIVACY RISK ASSESSMENT
THREAT: A potential cause of an incident that may result in harm to systems and the organization.
Ex. Theft, Flood, Malicious Software Attacks, Phishing, etc.
VULNERABILITY: A weakness of an asset or group of assets that can be exploited by one or more threats.
Ex. Software, hardware, employees/end-users, etc.
RISK: Potential of an incident to result in harm or danger to a data subject or organization.
Ex. Loss of data, alteration, identity theft, unauthorized access, etc.

THREAT | VULNERABILITY | RISK
Theft (Physical copies) | Physical copies of forms in the medical records section | Unauthorized/Illegitimate Access/Processing; Confidentiality, Integrity, Availability Breach
Flood | Location of the servers | Availability Breach
Malware | Storage | Unauthorized/Illegitimate Access/Processing; Confidentiality, Integrity, Availability Breach
MODULE 3c:
PRIVACY MANAGEMENT PLAN

PRIVACY MANAGEMENT PROGRAM
A PMP is a HOLISTIC APPROACH to privacy and data protection, important for all agencies, companies or other organizations involved in the processing of personal data.
• Legal Compliance
• Risk Mitigation
• Reputation Management
• Competitive Advantage
• Operational Efficiency
• Employee Satisfaction
MODULE 3d:
IMPLEMENT PRIVACY AND PROTECTION MEASURES

CONTROL FRAMEWORK: Organizational, Physical, Technical

SECURITY MEASURES (Organizational, Physical, Technical)
The determination of the appropriate level of security must consider the following:
• Nature of the personal data to be protected;
• Risks represented by the processing;
• Size of the organization and complexity of its operations;
• Current data privacy best practices; and
• Cost of security implementation
Organizational Security Measures
• Data Protection Officers and Compliance Officers for Privacy
• Health Privacy Board / Data Privacy Committee
• Data Protection Management Program and Policies
• Records of Processing Activities
• Management of Human Resources
• Processing of Personal Data
• Third Party / Subcontracting Policies
• Inventory of ICT Accounts
• Breach Management Policies
• Disaster Management and Business Continuity Policies
• Public Communication and Publication Policies
• Use of Social Media
Physical Security Measures
• Inventory of ICT Physical Devices
• Physical access limitation
• Bringing of devices outside official station
• Design of office space and workstations
• Duties and schedule of individuals
• Electronic media transfer, disposal and reuse
• Secured against disasters, power disturbances, external access, and other threats
Technical Security Measures
Access Controls
• Information Access Management
• User Identification
• Emergency Access Procedure
• Automatic Log-off
• Encryption and Decryption
• Multi-factor Authentication
Audit Controls
• Recording of Information
• Audit Data Life Span
• Access to Audit Data
Integrity Controls
• Mechanism to Authenticate Information
• Digital Signature
• Anti-virus Software
• Data Storage Encryption
• Transmission Encryption
• Proper Handling of Mechanical Components
• Offline Modes and Caching
• Interface Integration of Information Systems
• Identity Authentication
• Cloud Services
“Security is always excessive
until it’s not enough.”
– Robbie Sinclair, Head of
Security, NSW Australia
MODULE 3e:
SECURITY INCIDENT REPORTING PROTOCOLS

CONTROL FRAMEWORK: Organizational, Physical, Technical
[Figure: Security Measures (Organizational, Physical, Technical) guarding personal data against a Personal Data Breach of Confidentiality, Integrity, or Availability]
SECURITY INCIDENT
• A SECURITY INCIDENT is any event or occurrence that affects or tends to affect data protection, or may compromise the availability, integrity, and confidentiality of personal data. It includes incidents that would result in a personal data breach, if not for safeguards that have been put in place.

DATA BREACH (Confidentiality, Integrity, Availability)
• A DATA BREACH is a kind of security incident.
DATA BREACH (Confidentiality, Integrity, Availability)
IF THE BREACH…
• Would likely affect national security, public safety, public order, or public health
• Involves at least 100 individuals
• Required by laws or rules to be confidential
• Pertains to vulnerable groups
NOTIFY YOUR DPO AND NPC STRAIGHTAWAY!
DATA BREACH (Confidentiality, Integrity, Availability)
IF THE BREACH…
• Involves sensitive personal information or any information that may be used to enable identity fraud
• There is reason to believe that the information may have been acquired by an unauthorized person
• The unauthorized acquisition is likely to give rise to a real risk of serious harm to any affected data subject.
NOTIFY YOUR DPO AND NPC STRAIGHTAWAY!
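The notification criteria on the two "IF THE BREACH…" slides above, turned into a checklist a DPO can run against an incident record. This is an added example and not part of the original deck; it assumes (my reading, not the slides') that the three conditions of the second slide apply together, while each factor of the first slide is sufficient on its own.

```python
"""Breach-notification triage based on the two "IF THE BREACH..." slides.

Added example, not from the DOH deck or the NPC.  Assumption (mine): the
three conditions on the second slide must ALL hold together, while ANY
one of the four factors on the first slide is enough on its own.  Use the
output as a checklist for the DPO, not as a substitute for the NPC rules.
"""
from dataclasses import dataclass, field
from typing import List

# "Involves at least 100 individuals" (first slide)
NOTIFICATION_THRESHOLD_INDIVIDUALS = 100


@dataclass
class BreachRecord:
    """What the incident handler knows so far (all values are constructed)."""
    description: str
    individuals_affected: int
    # Second slide: the three conditions read together
    sensitive_or_identity_fraud_info: bool
    acquired_by_unauthorized_person: bool   # reason to believe acquisition happened
    real_risk_of_serious_harm: bool
    # First slide: factors that call for immediate notification
    affects_public_interest: bool = False   # national security, public safety/order/health
    confidential_by_law: bool = False
    involves_vulnerable_groups: bool = False


@dataclass
class TriageResult:
    notify_dpo_and_npc: bool
    reasons: List[str] = field(default_factory=list)


def triage(b: BreachRecord) -> TriageResult:
    """Return whether the DPO and NPC must be notified straightaway, and why."""
    reasons: List[str] = []

    # Second slide: SPI (or identity-fraud enablers) + unauthorized acquisition
    # + real risk of serious harm.  All three, not any one of them.
    if (b.sensitive_or_identity_fraud_info
            and b.acquired_by_unauthorized_person
            and b.real_risk_of_serious_harm):
        reasons.append("sensitive personal information acquired by an "
                       "unauthorized person with real risk of serious harm")

    # First slide: each factor is sufficient by itself.
    if b.affects_public_interest:
        reasons.append("likely affects national security, public safety, "
                       "public order, or public health")
    if b.individuals_affected >= NOTIFICATION_THRESHOLD_INDIVIDUALS:
        reasons.append(f"involves at least {NOTIFICATION_THRESHOLD_INDIVIDUALS} "
                       f"individuals ({b.individuals_affected})")
    if b.confidential_by_law:
        reasons.append("information required by laws or rules to be confidential")
    if b.involves_vulnerable_groups:
        reasons.append("pertains to vulnerable groups")

    return TriageResult(notify_dpo_and_npc=bool(reasons), reasons=reasons)


# Constructed sample incidents for a health facility (not real cases).
SAMPLE_INCIDENTS = [
    BreachRecord("encrypted laptop with 3 patient records lost; key not on device",
                 3, True, False, False),
    BreachRecord("spreadsheet of 250 outpatient contacts emailed to the wrong clinic",
                 250, False, True, False),
    BreachRecord("HIV test results of 5 patients copied by a former employee",
                 5, True, True, True, involves_vulnerable_groups=True),
]

if __name__ == "__main__":
    for rec in SAMPLE_INCIDENTS:
        result = triage(rec)
        verdict = ("NOTIFY DPO AND NPC STRAIGHTAWAY" if result.notify_dpo_and_npc
                   else "log as security incident; keep assessing")
        print(f"{rec.description}\n  -> {verdict}")
        for reason in result.reasons:
            print(f"     - {reason}")
```

The first sample stays a security incident (safeguards held), the second trips the 100-individual factor alone, and the third trips both the combined SPI test and the vulnerable-groups factor.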
DATA BREACH
A data breach is a type of cybersecurity incident in which information (or part of an information system) is accessed without the right authorization, typically with malicious intent, leading to the potential misuse of that information. It also includes 'human error' that often happens during configuration and deployment of certain services and systems, and may result in unintentional exposure of data.

DATA BREACH: CYBER KILL CHAIN
Reconnaissance → Weaponization → Delivery → Exploitation → Installation → Command & Control → Actions on Objectives

Lockheed Martin. (2022). Cyber Kill Chain. https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html
Breach Taxonomy
Aim for consistent taxonomy across the organization when describing an event. Remember, not every event is a breach. Try to base your answers on the impact on: Confidentiality, Integrity, Availability.

• Event: Person A was observed standing at the door and surveying the house, windows, etc.
• Incident: Person A tried vigorously to open the door, used a sharp object to try to break a couple of windows and tried smashing a brick through the door… but ran away because the alarm sounded. Nothing was taken or damaged.
• Incident of Interest: Person A succeeded in breaking in after smashing the door. The alarm didn't deter Person A who carried on through the house. The police arrived because of the silent alarm and captured Person A.
• Compromise: Person A broke in, a neighbor raised the alert by calling the owner. Door and window broken. Neighbor sees thief running away with "stuff". ✔Possible ✔Probable ✔Confirmed
• Breach: Reached home, ran to bed, money stolen, MacBook Pro untouched (phew), rare watch gone! Thief even drank a glass of water, forgetting to switch off the tap on their way out. Raise official police report. Investigation starts.

Never call it a BREACH until you have a very high degree of certainty. Make it a collective decision based on evidence.
5 PILLARS OF COMPLIANCE TO THE DPA
1. Designate a DPO
2. Conduct a PIA
3. Write your Privacy Management Plan and Privacy Manual
4. Implement Privacy and Protection Measures
5. Regularly Exercise your Breach Reporting Process
WORKSHOP 2
O.P.T. to Know your C.I.A.
Instructions:
• Get together in groups of 10-12. Make sure to assign a group secretary and a
reporter.
• List down all known security measures in your facility/ies and categorize them
according to Organizational, Physical and Technical Security Measures
• Tag the identified security measures if they are protecting the Confidentiality,
Integrity and/or Availability of the information.
• Participants will be given 30 mins to exhaust all known security measures in their
facilities.
Name of Data Processing System | Organizational Control Measures | Physical Control Measures | Technical Control Measures
Privacy Impact Assessment Training and Workshop with DPA Capacity Enhancement on Cyber Security Framework
WORKSHOP 2
https://bit.ly/DPA_W2
Bit.ly/DPAMaterials2024

For DPA or eHealth concerns:
DPA concerns: [email protected]
eHealth Program concerns: [email protected]
other concerns: [email protected]
Contact numbers: 8651-7800 loc. 2289/2288 (Data Privacy & Protection Unit), loc. 1949 (eHealth)
https://bit.ly/DPADigitalLibrary

WORKSHOP 3
Risk Impact Assessment
Instructions:
1. Divide yourselves into groups of 10-12.
2. A scenario outlining the details of the simulated data breach incident will be
given to each group. Read and familiarize yourselves with the details of the
scenario.
3. Participants will be given an hour to determine the impacts to data subjects
(Patients/Clients), PIC/PIP (Healthcare provider), and to the operations.
4. Each group will then be given 15 minutes to present their output.
Privacy Impact Assessment Training and Workshop with DPA Capacity Enhancement on Cyber Security Framework
WORKSHOP 3
https://bit.ly/DPA_W3
IMPACTS TO THE DATA SUBJECTS
• Invasion of Privacy
• Reputational Damage
• Stress and Anxiety
• Identity Fraud
• Targeted Scams
• Loss of Trust
• Impact on Relationships
• Insecurity

IMPACTS TO THE PIC/PIP
• Reputational Damage
• Operational Disruption
• Legal and Regulatory Consequence
• Financial Loss
WORKSHOP 4
Security Incident Management
Guide Questions:
1. What immediate actions should the PIC/PIP take upon discovering the incident?
2. How can the PIC/PIP initiate an internal investigation to determine the extent of the breach?
3. Should affected data subjects (patients), including high-profile individuals, be informed of the
incident? If so, how should they be notified?
4. What steps can be taken to mitigate potential harm, identity theft, or reputational damage to
both the patients and the healthcare facility?
5. What legal and regulatory consequences might the PIC/PIP (healthcare facility/CVCHD) face as a
result of this incident, especially considering the involvement of high-profile individuals?
6. How can the PIC/PIP respond to investigations or penalties from regulatory authorities like the
National Privacy Commission (NPC)?
7. How should the healthcare facility respond to this incident in terms of improving its security
practices, staff training, and overall data privacy policies?
8. What specific measures can be implemented to prevent similar incidents in the future and
safeguard the security and confidentiality of health and health-related information?
MODULE 4:
CONDUCT OF PIA

PRIVACY IMPACT ASSESSMENT
A PIA is a tool for identifying and assessing privacy risks throughout the development life cycle of a program or system.
THE PIA SHOULD IDENTIFY:
• Legitimate Purpose of Processing
• Risks and Effects of Processing
• Current Protection Measures
• Best Practices & Recommendations
IT TAKES INTO ACCOUNT:
• nature of the personal data to be protected,
• the personal data flow,
• the risks to privacy and security posed by the processing,
• current data privacy best practices,
• the cost of security implementation, and,
• where applicable, the size of the organization, its resources, and the complexity of its operations;
Who should conduct the PIA?
• PICs and PIPs
• Data Protection Officer
• May be outsourced / subcontracted
• Stakeholder involvement
Who should participate in the PIA?
Persons involved in… Collection, Use, Storage, Sharing, Disposal
And, if applicable:
• Internal stakeholders (Legal, Compliance, HR, Facilities)
• DPO/Data Protection Office/Team
• Privacy Advocates

Assign the Roles
Assign/Designate the following roles:
• Head of Organization
• Process Owner
• Data Subject
• Legal Officer
• ICT Officer
• DPO
• Civil Society
• HR
• National Privacy Commission

Threshold Analysis Questions:
1. Collecting personal information or a new way of collecting personal information? (including from a new or existing source)
2. Using personal information to make decisions or take action against individuals in ways which can have a significant impact on them? (for example, whether to receive a service or benefit)
3. Collecting personal information in a way that might be perceived as being intrusive? (for example, camera surveillance, drones or biometric scans)
4. Using personal information already held by the agency for a purpose other than how it is currently used?
Threshold Analysis Questions (continued):
5. Disclosing personal information to another agency, a contractor, the private sector or to the public?
6. An exchange of personal information between agencies?
7. Engaging a contracted service provider to deal with personal information in any way for the agency? Or will the contracted service provider transfer personal information to the agency or provide services to a third party for the agency?
8. Linking, matching or cross-referencing of personal information across or within the agency?
Threshold Analysis Questions (continued):
9. Using personal information for research or statistics?
10. A new or changed way of transferring personal information between agencies or between an agency and another entity?
11. New or changed legislative provisions that impact how the agency will collect, use or disclose personal information?
12. A new way or increased costs for individuals to access their own personal information?
13. A change in the way personal information is stored or secured? (for example, a cloud-based storage system)
Threshold Analysis Questions (continued):
14. A new or amended process for verifying an individual’s identity?
15. Transferring personal information outside Australia at any stage? (for example, publishing information to a website or through use of cloud-based services or online surveys)
16. Using de-identified information that could be matched with another dataset (or publicly available information) and enable individuals to be identified?
17. Any other activity that could impact on the community’s reasonable expectations of privacy? If yes, please detail:
Conducting a PIA
PLANNING & MOBILIZATION
• Set up the team, finalize the scope
• Determine what resources are needed
• Identify process owners and stakeholders, establish consultation plan
PERFORM THE ASSESSMENT
• Consult stakeholders, analyze risks and legal gaps, create risk map
• Determine necessary controls and remediation measures to address legal gaps and risks
• Create risk management plan, get sign off
IMPLEMENT YOUR CONTROL MEASURES
• Deploy risk management controls
• Address legal gaps through remediation measures
• Monitor and evaluate on a regular basis
Performing the PIA
Phase 1
• Preparation of Reference Documents (e.g., technical and operational documents, forms, manuals, legal bases, etc.)
• Development of Sections 1-4b
Phase 2
• Review for completion and clearance of previous sections.
• Development of Section 5
Phase 3
• Development of Sections 6 and 7
• Review and clearance of the ICT Office and the DPO.
• Sign-off
PRIVACY IMPACT ASSESSMENT COMPONENTS
• Ownership of System/Process
• Stakeholder Involvement (Internal and External)
• Privacy Risk Map/Address Legal Gaps
• Proposal of Controls/Remediation Measures
• Sign-off from Top Management
• Implementation of PMP by the PIC
PIA Contents
1. System Description
   a) Overview/Description
   b) Basis for Processing
   c) ICT Standards Used
   d) Software Development Tools Used
   e) System Data Process
   f) ICT Requirements
2. Scope of the PIA
   a) User Access Levels
3. Threshold Analysis
4. Personal Data Flows
   a) Personal Data Inventory
   b) Personal Data Life Cycle and Process Flow
5. Privacy Impact Analysis
   a) Data Privacy Principles
   b) Description of Procedures and Controls for Protecting Data Subjects’ Rights
   c) Description of Security Measures
6. Privacy Risk Management
7. Findings and Recommendations
8. Sign off
MODULE 5:
PRIVACY-BY-DESIGN / DEFAULT

7 Foundational Principles of Privacy by Design (PbD)
1. Proactive not Reactive; Preventive not Remedial
2. Privacy as the Default Setting
3. Privacy Embedded into Design
4. Full Functionality – Positive Sum, not Zero Sum
5. End-to-End Security – Full Lifecycle Protection
6. Visibility and Transparency – Keep it Open
7. Respect for User Privacy – Keep it User-Centric
Privacy by Design
1. Proactive not Reactive; Preventive not Remedial
The Privacy by Design (PbD) approach is characterized by proactive rather than reactive measures. It anticipates and prevents privacy invasive events before they happen. PbD does not wait for privacy risks to materialize, nor does it offer remedies for resolving privacy infractions once they have occurred – it aims to prevent them from occurring. In short, Privacy by Design comes before-the-fact, not after.
Privacy by Design
2. Privacy as the Default Setting
We can all be certain of one thing – the default rules! PbD seeks to deliver the maximum degree of privacy by ensuring that personal data are automatically protected in any given IT system or business practice. If an individual does nothing, their privacy still remains intact. No action is required on the part of the individual to protect their privacy – it is built into the system, by default.
Privacy by Design
3. Privacy Embedded into Design
PbD is embedded into the design and architecture of IT systems and business practices. It is not bolted on as an add-on, after the fact. The result is that privacy becomes an essential component of the core functionality being delivered. Privacy is integral to the system, without diminishing functionality.
Privacy by Design
4. Full Functionality – Positive Sum, not Zero Sum
PbD seeks to accommodate all legitimate interests and objectives in a positive-sum “win-win” manner, not through a dated, zero-sum approach, where necessary trade-offs are made. PbD avoids the pretense of false dichotomies, such as privacy vs. security, demonstrating that it is possible to have both.
Privacy by Design
5. End-to-End Security – Full Lifecycle Protection
PbD, having been embedded into the system prior to the first element of information being collected, extends securely throughout the entire lifecycle of the data involved – strong security measures are essential to privacy, from start to finish. This ensures that all data are securely retained, and then securely destroyed at the end of the process, in a timely fashion. Thus, PbD ensures cradle to grave, secure lifecycle management of information, end-to-end.
Privacy by Design
6. Visibility and Transparency – Keep it Open
PbD seeks to assure all stakeholders that whatever the business practice or technology involved, it is in fact operating according to the stated promises and objectives, subject to independent verification. Its component parts and operations remain visible and transparent, to users and providers alike. Remember, trust but verify.
Privacy by Design
7. Respect for User Privacy – Keep it User-Centric
Above all, PbD requires architects and operators to keep the interests of the individual uppermost by offering such measures as strong privacy defaults, appropriate notice, and empowering user-friendly options. Keep it user-centric.
Our Roles in Privacy-by-Design
• Policy Development
• Regulatory Compliance
• Privacy Impact Assessment
• Data Minimization
• Security Practice Standards
• Training & Education
• Technology Integration
• Privacy Advocacy
30 Ways to Love Yourself Online
WORKSHOP 4
Security Incident Management
Workshop 5:
Next Steps and Ways Forward
Instructions:
• Make sure to assign a group secretary and a reporter.

• Make a simple privacy management plan for your facility. The plan should include activities that promote a culture of privacy. Your group may consider any of the following areas (Policy Development, Regulatory Compliance, Privacy Impact Assessment, Data Minimization, Security Standards, Training & Education, Technology Integration, Privacy Advocacy).
Action Plan
ACTIVITIES | LEVEL OF PRIORITY | TIMELINE | UNIT RESPONSIBLE
Conduct a thorough assessment of data types, flows, and risks | High | 2 weeks | Data Privacy Officer
Assess compliance with data privacy laws and regulations | High | 1 week | Data Privacy Officer, legal counsel
Identify vulnerabilities in security measures, access controls, and data storage | High | 2 weeks | IT department
Develop comprehensive data privacy, access control, data retention, and incident response policies | Medium | 4 weeks | Data Privacy Officer, legal counsel
Communicate and train staff on data privacy policies and responsibilities | Low | 2 weeks | Human Resources department, Data Privacy Officer
https://bit.ly/DPADigitalLibrary
