The Philippine Data Privacy Act (Republic Act 10173): What You Need To Know?

by | Jul 21, 2021


Here are the basics for the Philippine Data Privacy Act that you need to know.

What is the Philippines Data Privacy Act?

Republic Act No. 10173, otherwise known as the Philippines Data Privacy Act. This is a law that seeks to protect all forms of information, be it private, personal, or sensitive. It is meant to cover both natural and juridical persons involved in the processing of personal information.

What is Data Privacy?

Data privacy is the right of an individual not to have private information about himself disclosed. It is to live free from surveillance and intrusion.

All companies handle some form of personal information, from employee to client to end-user data. Thus, all companies are now responsible to protect confidentiality, preserve integrity, and promote the availability of data for authorized use.

How Do We Comply?

All personal data must be:

  • Collected with the customer’s proper consent.
  • Solely used for its intended purposes.
  • Have legitimate reasons for the collection that must be clear to both parties giving and receiving information.
  • Be protected and secured from collection to proper disposal avoiding access from unauthorized parties.

Companies should have:

  • A Data Protection Officer
  • Routine assessments to ensure quality data protection.
  • Privacy knowledge programs and privacy and data policies to regulate the handling of information.
  • Routine assessments to ensure quality data protection.
  • A proper procedure for breach notification to its customers.

What would non-compliance entail?

What is the penalty for violating the Philippines Data Privacy Act?

Improper or unauthorized processing, handling, or disposal of personal information can be penalized by the following.

  • Imprisonment of up to 6 years.
  • A hefty fine of PHP500,000.

RA 10173 assures the “free flow of information, promote innovation and growth” while protecting users’ fundamental rights to privacy.

Who should know? The Act applies to anyone who processes personal data in both the government and private sectors. 

Why? Because companies are responsible for keeping their customers’ data protected from third parties or any form of misuse. RA 10173 provides standards that regulate the collection, handling, and disposal of all personal information.  

EversunHR puts data privacy at the utmost priority and takes advanced measures to maintain confidentiality in information handling. We encourage companies to look through the Data Privacy Act. Companies should secure the safety of their own data privacy processes.

On the same note, know your rights as a data provider, be informed how your private data be handled.

If you are looking to take advantage of HR and payroll technology, then EversunHR provides innovative end-to-end payroll solutions. The right payroll system could streamline your processes because it maintains a happy workforce and avoids pesky violations. 

From digitized employee records, as well as timekeeping data to payroll processing up to online payslip distribution. EversunHR gives you the means to catch up, and then surpass your competitors.

We are always open for full-system demos, send an email to

Continue Reading