Philippines Data Privacy Act of 2012
Comply with the Philippines Data Privacy Act of 2012
The Philippines Data Privacy Act adopts international principles and standards for personal data protection related to the processing of personal data across both government and the private sector.
Entrust can help your organization comply with these rules through:
- Preventing access to customer and employee data outside of their home legal jurisdiction;
- Encryption key management;
- Safeguarding sensitive data in cloud environments.
Regulation
Technical Security Requirements
Section 28 of the rules, entitled Guidelines for Technical Security Measures, offers the following direction:
Where appropriate, personal information controllers and personal information processors shall adopt and establish the following technical security measures:
a. A security policy with respect to the processing of personal data;
b. Safeguards to protect their computer network against accidental, unlawful or unauthorized usage, any interference which will affect data integrity or hinder the functioning or availability of the system, and unauthorized access through an electronic network;
...
d. Regular monitoring for security breaches, and a process both for identifying and accessing reasonably foreseeable vulnerabilities in their computer networks, and for taking preventive, corrective, and mitigating action against security incidents that can lead to a personal data breach;
...
g. Encryption of personal data during storage and while in transit, authentication process, and other technical security measures that control and limit access.
Compliance
Hardware Security Modules (HSMs)
Entrust nShieldTM HSMs provide a hardened, tamper-resistant environment for secure cryptographic processing, key generation and protection, encryption and more. Certified at FIPS 140-2 Levels 2 and 3, nShield HSMs support a variety of deployment scenarios. nShield Connect and Solo HSMs also provide a secure environment for running sensitive applications. The CodeSafe option lets you execute code within nShield boundaries, protecting your applications and the data they process.
In addition nShield HSMs:
- Generate and protect root and certificate authority (CA) keys, providing support for PKIs across a variety of use cases
- Sign your application code so you can ensure that your software remains secure, unaltered and authentic
- Create digital certificates for credentialing and authenticating proprietary electronic devices for IoT applications and other network deployments.
Resources
Brochures: Entrust nShield HSM Family Brochure
Entrust nShield HSMs provide a hardened, tamper-resistant environment for secure cryptographic processing, key generation and protection, encryption and more. Available in three FIPS 140-2 certified form factors, Entrust nShield HSMs support a variety of deployment scenarios.