What are the obligations of a personal information controller regarding data security?

What are the obligations of a personal information controller regarding data security?

The personal information controller must proactively and consistently implement reasonable and appropriate organizational, physical, and technical security measures. These stringent measures are specifically intended to fiercely protect personal information against accidental or unlawful destruction, covert alteration, and unauthorized disclosure. Furthermore, the controller must protect the stored data against natural dangers like accidental loss and unpredictable human dangers such as unauthorized access or fraudulent misuse. The comprehensive legal mandate for securing and insulating personal data is strictly outlined in Section 20 Data Privacy Act. “SEC. 20. Security of Personal Information. – (a) The personal information controller must implement reasonable and appropriate organizational, physical and technical measures intended for the protection of personal information against any accidental or unlawful destruction, alteration and disclosure, as well as against any other unlawful processing. (b) The personal information controller shall implement reasonable and appropriate measures to protect personal information against natural dangers…” 21-May-26

About Nicolas and De Vega Law Offices

 Nicolas and De Vega Law Offices is a full-service law firm in the Philippines.  You may visit us at the 16th Flr., Suite 1607 AIC Burgundy Empire Tower, ADB Ave., Ortigas Center, 1605 Pasig City, Metro Manila, Philippines.  You may also call us at +632 84706126, +632 84706130, +632 84016392 or e-mail us at [email protected]. Visit our website https://ndvlaw.com/.

SEARCH