Services We Offer

Turn-key Solutions for Data Privacy Act Compliance

IT Services

  • ​Data Leakage and Loss Prevention (DLP)

  • Encryption (Endpoint/Email/URL)

  • Firewall / Web Filtering

  • Intrusion Prevention System

  • Multi-Factor Authentication

  • Server Hardening / Application White-listing

  • Mobile Device Management

  • Access Control

  • Vulnerability Assessment

  • Patch Management

  • Security Information & Event Manager

  • Data Center Security

Legal Services

  • Assist in Data Privacy Governance

  • Risk Assessment / Privacy Impact Assessment

  • Drafting of Internal Data Privacy Rules & Regulations

  • Evaluation of daily Personal Information Life Cycle processes

  • Evaluation of Physical Collection & Security Processes

  • Data Breach Management 

  • Internal Training for Data Protection Compliance

  • Establish Third Party Rules & Agreements

  • Preparation and Registration  of Personal Data Processing system with the NPC

  • DPO Function Consulting

Guidelines for Technical Security Measures
 
Where appropriate, personal information controllers and personal information processors shall adopt and establish the following technical security measures:
 

  • A security policy with respect to the processing of personal data;

  • Safeguards to protect their computer network against accidental, unlawful or unauthorized usage, any interference which will affect a data integrity or hinder the functioning or availability of the system, and unauthorized access through an electronic network;

  • The ability to ensure and maintain the confidentiality, integrity, availability, and resilience of their processing systems and services;

  • Regular monitoring for security breaches, and a process both for identifying and accessing reasonably foreseeable vulnerabilities in their computer networks, and for taking preventive, corrective, and mitigating action against security incidents that can lead to a personal data breach;

  • The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;

  • A process for regularly testing, assessing, and evaluating the effectiveness of security measures;

  • Encryption of personal data during storage and while in transit, authentication process, and other technical security measures that control and limit access.