Philippines Data Privacy Act of 2012 Compliance

Thales e-Security can help your organization comply with the Philippines Data Privacy Act of 2012

Philippines Data Privacy Act of 2012

Thales e-Security assists in data security compliance with the Philippines Data Privacy Act of 2012, which adopts generally accepted international principles and standards for personal data protection.

The rules derived from Philippines Data Privacy Act of 2012:

… Further enforce the Data Privacy Act and adopt generally accepted international principles and standards for personal data protection. They safeguard the fundamental human right of every individual to privacy while ensuring free flow of information for innovation, growth, and national development. These Rules also recognize the vital role of information and communications technology in nation-building and enforce the State’s inherent obligation to ensure that personal data in information and communications systems in the government and in the private sector are secured and protected.


The Act and these Rules apply to the processing of personal data by any natural and juridical person in the government or private sector.

Thales e-Security can help your organization comply with these rules.

Technical Security Requirements

Section 28 of the rules, entitled Guidelines for Technical Security Measures, offers the following direction:

Where appropriate, personal information controllers and personal information processors shall adopt and establish the following technical security measures:

a. A security policy with respect to the processing of personal data;

b. Safeguards to protect their computer network against accidental, unlawful or unauthorized usage, any interference which will affect data integrity or hinder the functioning or availability of the system, and unauthorized access through an electronic network;


d. Regular monitoring for security breaches, and a process both for identifying and accessing reasonably foreseeable vulnerabilities in their computer networks, and for taking preventive, corrective, and mitigating action against security incidents that can lead to a personal data breach;


g. Encryption of personal data during storage and while in transit, authentication process, and other technical security measures that control and limit access.

Thales e-Security Compliance Solutions

The following Thales e-Security solutions can help you comply with the Technical Security Requirements outlined in the “Regulation” section.

Vormetric Data Security Platform

The Vormetric Data Security Platform is the only solution with a single extensible framework for protecting data-at-rest across the broadest range of OS platforms, databases, cloud environments and big data implementations. The result is a low total cost of ownership, as well as simple, efficient deployment and operation.

Vormetric Data Security Manager

The Vormetric Data Security Manager from Thales e-Security offers centralized management of keys and policies for the entire suite of products available within the Vormetric Data Security Platform. The product is available as a physical or virtual appliance.

Vormetric Transparent Encryption

Vormetric Transparent Encryption from Thales e-Security provides file and volume level data-at-rest encryption and integrated, secure key management with a best practices implementation. Access controls extend protection from data breaches by limiting data access to only authorized personnel and programs. And data access monitoring provides the security intelligence information required to identify accounts that may represent a threat because of a malicious insider, or a compromise of account credentials by malware.

Security Intelligence Logs

Vormetric Security Intelligence Logs from Thales e-Security can deliver granular file access logs to popular security information and event management (SIEM) systems and be used to support audits.

Vormetric Application Encryption

Vormetric Application Encryption from Thales e-Security adds another layer of protection, enabling organizations to easily build encryption capabilities into internal applications at the field and column level.

Vormetric Tokenization with Dynamic Masking

Vormetric Tokenization with Dynamic Masking lets administrators establish policies to return an entire field tokenized or dynamically mask parts of a field. With the solution’s format-preserving tokenization capabilities, managers can restrict access to sensitive assets, yet at the same time, format the protected data in a way that enables many users to do their jobs.

Research and Whitepapers : Data Security Best Practices for Complying with the Philippines Data Privacy Act

This white paper offers an overview of the Philippines Data Privacy Act, and then it provides an in-depth look at how the Vormetric Data Security Platform from Thales eSecurity can deliver the robust capabilities that help address many of the act’s data-at-rest security requirements.


Research and Whitepapers : Cracking the Confusion: Encryption and Tokenization for Data Centers, Servers, and Applications

This paper cuts through the confusion to help you pick the best encryption and tokenization options for your projects. The focus is on encrypting in the data center: applications, servers, databases, and storage. It also covers cloud computing (IaaS: Infrastructure as a Service).


Research and Whitepapers : 2015 Frost & Sullivan Global New Product Innovation Award

Read this paper to learn why Frost and Sullivan honored Thales e-Security with this prestigious award.

Watch our interactive demo Explore
Schedule a live demo Schedule
Get in contact with a specialist Contact us