Data Privacy and the Outsourcing Industry
Now that the announcement is already making the rounds, we might as well join in the chorus: On July 20, the Contact Center Association of the Philippines (CCAP) will be hosting Data Privacy Asia 2017 at the Makati Shangri-La. It’s a whole day event with global experts and thought leaders, with discussions on the theme “Data Privacy and Cyber Security: Impact on Outsourcing,” that promise to be intense and insightful.
I’m extremely honored to be leading, as a guest of honor, a very highpowered lineup of speakers in this event, ranging from Presidents and Chief Technology Officers from some of the biggest information security companies, from here in Asia to across the Pacific. Featured sessions so far include talks on global privacy trends, especially those that impact outsourcing; building an effective privacy management program; and implementing a cybersecurity governance framework.
We at the National Privacy Commission welcome such efforts to bring together stakeholders, fellow advocates, and experts who can share knowledge on data privacy and security. It is even more gratifying that, in this particular instance, the initiative came from the private sector. It goes to show that there are so many others who, like us, are aware of the massive changes happening in the sector and the threats as well as opportunities that come along with these changes, and are willing to put resources and effort into raising the level of discourse.
As with other industries, the evolution and constant refinement of data privacy laws impacts the BPO sector in specific ways. In particular, businesses gather data for express purposes, determining what that data is for, and how to process it—this makes them data controllers. When they decide to outsource some of their activities, often, there is data that needs to be transferred to their outsourcing partners. This, as you can imagine, opens up a lot of complications: In most instances, the original business remains the data controller by law, therefore making them accountable in cases of breach, and responsible for the proper handling of the data. What then, are the duties of their outsourcing partner? How can we ensure that there remains a high level of vigilance? These are only some of the questions that the industry as a whole must talk about and build consensus on.
In any case, that is why gatherings like the CCAP’s Data Privacy Asia are very important. They provide spaces not only for updates and learning, but also for interaction and consensusbuilding. With such active partners, we are sure that discourse will continue to mature.
For news and updates, please like the National Privacy Commission’s page on Facebook. Email info@ privacy.gov.ph for comments and questions.