NPC pushes data privacy compliance in banking sector in upcoming DPO2

The National Privacy Commission (NPC) is set to convene the Data Protection Officers (DPOs) of the financial services sector on 31 May 2017. Dubbed as “DPO2: The 2nd Data Protection Officers’ Assembly,” the event will be held in cooperation with the Bangko Sentral ng Pilipinas (BSP) and the Bankers Association of the Philippines (BAP). It aims to gather data protection officers of different banks who will perform vital duties to ensure their organization’s compliance with the provisions of the Data Privacy Act (DPA) of 2012.

The event is expected to draw more than a hundred DPO delegates from BSP-Supervised Financial Institutions (BSFIs) at the BSP Assembly Hall A, Bangko Sentral ng Pilipinas, Mabini Street, Manila.

The BSP and the BAP have earlier agreed to team up with the NPC for organizing the DPO2 in order to help facilitate prompt and efficient compliance by BSFIs with the privacy law. Thus, aside from being a venue for compliance assistance, the DPO2 shall function as the first step in developing a roadmap for addressing the distinct
concerns of the financial sector with the DPA.

The BSP, BAP and the NPC shall also explore ways of harmonizing data privacy compliance obligations under the law with existing BSP regulations already being observed by banks.

“The NPC consider banks a critical sector when it comes to protecting personal data and so far, the level of cooperation we are getting from the sector has been encouraging”, said Privacy Commissioner and Chairman Raymund E. Liboro.

“Customers trust banks not just with their hard-earned money, but also with their personal information. Trust comes with high expectations, and data protection officers within banks play an important role in maintaining this trust, and meeting customers’ expectations,” Commissioner Liboro added. He further explains, “they expect you to work hard at protecting their money and also their privacy. Violating this trust can lead to brand depreciation, revenue loss, or worse — customer exit. DPO2 is an investment in data privacy protection, and it shall go a long way not just in preserving our people’s trust in the financial system, but also in building a strong foundation for data privacy compliance in the private sector.”

 

DPO2 shall be the first DPO assembly to be conducted by the NPC for the private sector. Commissioner Liboro said plans are also underway to conduct similar events for the health services sector, the academe, and the business process outsourcing industry, among others.

 

Last April 5, the NPC conducted DPO1 for government data protection officers at the Landbank Plaza in Malate, Manila.

 

The NPC is a regulatory body created by virtue of RA 10173, otherwise known as the Data Privacy Act of 2012. It is an attached agency of the Department of Information and Communication Technology.