Republic of the Philippines

Department of Health
OFFICE OF THE SECRETARY

10 April 2018

DEPARTMENT CIRCULAR
No.2018- 01%

FOR: ALL UNDERSECRETARIES; ASSISTANT SECRETARIES;

DIRECTORS OF BUREAUS, REGIONAL OFFICES AND
SERVICES; EXECUTIVE DIRECTORS OF SPECIALTY
HOSPITALS; CHIEFS OF MEDICAL CENTERS, HOSPITALS.
SANITARIA AND INSTITUTES; AND OTHERS CONCERNED

SUBJECT: Data Privacy Awareness & Compliance Workshop of the

European Innovation, Technology, and Science Center Foundation
on April 18-20, 2018 at the New World Makati Hotel

The European Innovation, Technology, and Science Center Foundation is inviting

participants to the Data Privacy Awareness & Compliance Workshop on April 18-20, 2018 at
the New World Makati Hotel.

Attendance of concerned DOH Staff to the said activity shall be on Official

Business, subject to the approval of their respective heads of office.

All concerned central office staff can attend these courses through a DPO and
charged to HHRDB Institutional Capacity Management (ICM) Funds.

All other transactions shall be in accordance with Department Order No. 2007-0053
“Guidelines on the Attendance to Conventions/Seminars/Conference and Similar Human
Resource Development Activities Outside of the Department of Health” and “DO No. 2014-
0094 Guidelines on the Allowable Rates of Payment for Human Resource Development
Activities.”

Attached is the workshop description, reply form with other details for your ready
reference.
Dissemination of the information to all concerned is requested.

By Authority of th Secretary of Health:

GERARDO V. BAYUGO, MD, MPH, CESO III

Undersecretary of Health
Sectoral Management and Coordination Cluster

emr—ElTSC-O4-68

Building 1, San Lazaro Compound, Rizal Avenue, Sta. Cruz, Manila 1003 0 Trunk Line 651-7800 local 1113, 1108, 1135
Direct Line: 711-9502; 711-9503Fax: 743-1829 - URL: http://wwwdohgovph;e-mail: fidugue@doh.gov.ph
 E

’ ,

Subscrlbe Past Issues

l
..
E

View this email in your browser

getting Mammy Resources geek on ”freak.

Training People. Building Lives.

fifii‘fipéfin linflthfitia-e,
tethmto gamma fis'ieme mama’s?
:fiomnflafigfi

18-20 APRIL 2018' EIQAM-EPM

NEW WORtD MAKATI HOTEL

Data Privacy Awareness and Compliance Workshop

(DPC 101 - 102)
18-20 April 2018 | 9:00AM -5:00PM

New World Makati Hotel

Workshop Description
Data is now the world’s most valuable resource, and businesses around the world are transforming
themselves to take advantage of this phenomenon. Companies seeking to survive in this era of digital
transformation have realized that in today’s data-driven economy, privacy has become the proxy for
trust. If they allow their customers’ privacy to be breached, then trust in the business relationship is
lost.

In order to strengthen and enhance trust relationships with business partners and
customers,
companies are beginning to View data privacy compliance as a strategic differentiator. Previously,
management’s goal was “zero defects”. With the advent of customer experience, the goal became
“zero defections”. Today, the goal is “zero breaches”.

In this workshop, participants will receive a copy of the “NPC Privacy Toolkit” and will be
guided
through key activities which are critical for complying with Republic Act 10173, the Data Privacy Act
 §
§

SubscribeL g
Pastlssues
rum radians ’errramuwvwwriobw
v‘itr‘r/r-rp'rwr‘rGrantingWWwruw‘arnewMagmatim‘i‘fift'afi“won“ a’é’z’vawuuomr‘rwrtr‘v ’

Workshop Objectives
This learning experience aims to make participants:

aware of one’s obligations under the Data Privacy Act, and the consequences of non—
compliance,
understand what compliance looks like, and how to get started on the journey towards
compliance, and
learn new skills and techniques that are critical toward achieving data privacy compliance, such
as how to do a PlA (Privacy Impact Assessment) and what is needed for NPC registration.

As a Result, Organizations shall benefit by:

Becoming aware of the proper scope to achieve compliance. Under-scoping the
compliance journey may lead to unnecessary risk and exposure, while over-scoping can lead to
wasted time and resources.
Avoiding consequences of non-compliance, such as becoming the subject of a random
audit, being issued a compliance order, being ordered to pay damages, or being charged for a
data privacy violation which may lead to jail terms and fines.
Gaining the ability to align their compliance efforts. Misalignment can result in departments
heading in opposing directions, and lead to inefficiency and rework.

Benefits for Participants Attending the Workshop

For C-level executives, this workshop will provide essential knowledge on how to survive and
thrive in the data-driven economy.
For department heads and process owners, this workshop will provide skills on how to
conduct a privacy impact assessment and how to prevent, and prepare for, a breach of their
processes.
For data protection officers and compliance officers for privacy, this workshop provides
foundation skills.

Workshop Methodology
Participants will be guided through workbook exercises and templates contained in the NPC Privacy
Toolkit. After each module, a variety of techniques will be used to maximize understanding,
comprehension, and retention of the knowledge and skills imparted. These may include guided
reflection, case studies, interactive surveys, and group discussions.

Workshop Outline

Module Topic Module Objectives

1 We I come
2 Getting to Compliance
3 Building your Compliance
Roadmap
4 Preparing for Breach
Overview of the 3—day workshop
participant Expectations
Understand what needs to be done to achieve compliance to RA
10173, its lRRs, and other issuances of the National Privacy
Commission. Be aware of the consequences that may arise from
being non-compliant to Republic Act 10173, also known as the
Data Privacy Act of 2012.
Scope your compliance project. Understand what needs to be
done to achieve compliance.
Note: DPC-101 ends here. The modules below (on Days 2 and 3)
are only for those who have registered for DPC-102.
Be aware of the ramifications of a data privacy breach, and what
 Q

i.

. .

Subscribe
I

E Past Issues %

Hllllllcly payb lU Ur: plcpalcu:

Understand the organizational requirements to achieve data
5 Appointing a DPO privacy compliance. Assess what skills you need to develop, as
(Pillar 1) well as what kind of organizational empowerment is needed from
top management.
. . Guided by the facilitator, you will work in teams to develop a PDI
Conducting a Privacy
(personal data Inventory) and a PIA (privacy Impact assessment)
. . .

6 Impact Assessment
for a case study. Particupants w1ll then develop their
.. . .
. own plans for
(Pillar 2)
domg their own PlAs.
, _

. . Learn how to translate the clauses of a privacy notice into actual

Creatlng a Prlvacy .
procedures, contracts, data sharing agreements, and
. .
pOIlCIGS,
7 Management Program
. control frameworks. Assess where you are in .
terms of your
(Plllar 3) ,, . ,, ..
privacy management capability.

Implementing your Privacy Be aware of the complexity that surrounds the implementation of
nd Data Protection your privacy and data protection measures. Understand the
8
Measures difference, as well as the complementarity, between data privacy
(Pillar 4) and information security.

9 Meeting Registration Understand the registration requirements established by the NPC.

Requnrements

View a demonstration of a software package that will help you in

10 Documentation Aids preparing the documents required to meet compliance
requirements.

Learning Investment
(includes coffee breaks, lunches, training materials and certificate of attendance)

DPC 101 (Day 1) PhP 9,000 plus VAT per head

DPC 102 (Day 1-2) PhP 17,500 plus VAT per head (for those who have
attended DPC 101)
DPC 101 -102 (Day 1-3) Translate V
PhP 26,000 plus VAT per head

INTERESTED?
For confirmations and more information, please contact Olivia:

Tel: (632) 759 2247

Email: olivia@eitsc.com

Qawateaafi Qagéatratiwm germ

KNOW MORE ABOUT EITSC AND VISIT OUR WEBSITE

 REPLY FORM:

Please send accomplishedform to Olivia by fax at

firmness: jmwagim, (632) 751 0303 or by email at info@eitsc.com
technoiagysam Meme Cents:
Pounéafim

Data Privacy Awareness and Compliance Workshop

(DPC 101 — 102)
18-20 April 2018, 9am-5pm
New World Hotel Makati

Company Name:
Complete Address:
Company TIN:
Contact Person: E-mail:
Telephone no.: Fax no.:

This is to confirm attendance of the following participants:

A. A'lTENDEES
Name Title Email

B. PAYMENT SCHEME

Please indicate which session you will be attending.

8.1 Learning Investment per Participant

DPC 101 (Day 1): PHP 9,000 + 12% VAT

DPC 102 (Day 23): PHP 17,500 + 12% VAT
DPC 101-102 (Day 1-3): PHP 26,000 + 12% VAT

Seminar fees include coffee breaks, lunches, training materials and certificate of
attendance.

3.2 Payment (check payable to EITSC)

For deposit
On the Seminar Date

In the event of no—show or confirmation cancellation, a fee shall be charged if no advice

is given 3 working days prior to the seminar date.

C. Consent

RV registeringtn this event. \mn allnw FITSC tn use vnur nersnnal infnrmatinn that vmi nrnvided