The European Innovation, Technology, and Science Center (EITSC) and the Philippine Economic Zone Authority (PEZA) have signed an agreement to make all zones under the agency compliant with Republic Act 10173, or the Data Privacy Act of 2012.
Under the memorandum of agreement (MOA) signed on April 25, EITSC will hold trainings and conduct workshops with companies in the economic zones that would help them become compliant.
Both EITSC and PEZA will come out with measures to ensure data privacy protection and cybersecurity measures among locators, and for them to comply with data security regulations and implement the compliance process.
EITSC will also provide solutions enabling locators to assess their risks and processes, introduce controls and policies, and respond to data breaches.
“PEZA locators can set the example for other companies in the Philippines in terms of data protection, data security, cybersecurity, and cyber crime,” EITSC President Henry Schumacher said.
“We need to be internationally compliant, especially now with the European Union’s (EU) General Data Protection Regulation set to be enforced on May 25,” he added.
Under the law, a company should have an appointed data protection officer, conduct privacy impact assessment, create a privacy knowledge management program, implement privacy and data protection policies, and exercise breach reporting procedure.
“We are mandating all companies to be compliant with the Data Privacy Act and with international protocols, as it will be a source of competitiveness for them,” PEZA Director General Charito Plaza said.
Both EITSC and PEZA agreed to start the program next month in Cavite, which has 350 locators and employs more than 89,000 workers.
The Cavite economic zone has Japanese, South Korean, American, and European companies that are mostly involved in electronics, garments, and plastics.
Those violating the Data Privacy Act can face up to seven years in jail and fines up to P7 million, depending on the nature and degree of their offense.