The Implementation of the Data Privacy Act among Higher Educational Institutions in the Province of Pangasinan

Abstract

Data is the most important asset of an organization. As such, they are vulnerable to breaches and requires regulation to compel organizations to establish frameworks that assure the data owners of safety. In the Philippines, the Republic Act (RA) No. 10173 or also knows as “Data Privacy Act of 2012” (DPA of 2012) was signed into law creating the National Privacy Commission (NPC) to promote, regulate, and monitor data privacy compliance of both government agencies and private institutions. This study sought to assess the extent of implementation of Republic Act 10173 or otherwise known as the Data Privacy Act in higher educational institutions (HEIs) and determine the roadblocks within and outside HEIs that contributed to challenges in its implementation. Sampling sixty (60) employees across ten (10) HEIs, both public and private, the researchers found that the Data Privacy Act is Moderately Implemented in HEIs with an Overall AWM of 2.92. Among the most serious issues that encountered were found to be in terms of compliance to Data Breach Notification and Registration and Compliance Requirements.