Under the Data Privacy Act of 2012 (DPA), Personal Information Controllers (PICs) and Personal Information Processors (PIPs) have the obligation to adhere to data privacy principles, uphold data subjects rights, and implement security measures. Know more how to comply with the DPA through NPC's issuances.

Given the nature of personal data processed by the government, a separate chapter on the obligation of securing sensitive personal data in government is provided in the Data Privacy Act of 2012. Know more here.


Exemption From Registration