Regular security check ensures PhilSys data privacy

(Image courtesy of PhilSys) MANILA - The Philippine Identification System (PhilSys) is protected under stringent data privacy measures and security settings. The Philippine Statistics Authority (PSA), the lead implementing agency of the project, said in a statement on Saturday that it regularly conducts Privacy Impact Assessments (PIA) for PhilSys' design and processes. Through the PIA, done by an independent third party, all data privacy and security risks are identified. The PSA said "mitigation strategies, appropriate measures, and safeguards" are in place for personal data and identification of registrants of the Philippine Identification (PhilID) card. PSA Undersecretary Dennis Mapa underscored how the government values data privacy. "We take the responsibility of ensuring data privacy and security very seriously. A privacy impact assessment is not merely a one-off exercise. We have been doing these assessments continuously since the start of the program and we will continue to regularly conduct PIA as we move forward with the registration of more Filipinos and the implementation of use cases," Mapa said. The regular PIA is done in partnership with the Department of Information and Communications Technology (DICT) and is compliant with the recommendations and guidelines of the National Privacy Commission. DICT Undersecretary Denis Villorente said the security assessment method is one of the structural measures to check on PhilSys' data protection and cybersecurity. The PhilSys project also undergoes regular vulnerability assessment, penetration testing, and third-party software code audits. Registration data are encrypted while personal data are segmented, all fully owned and controlled by the government. It has also applied privacy-by-design principles, such as data minimization, proportionality, and tokenization of the PhilSys Number (PSN), which will protect the permanent unique identifier by "enabling the use of its derivatives in lieu of the actual PSN". Tokenization turns data, such as account numbers, into a random string of characters called a token that has no value if breached. The PSA said the data provider remains to be the owner and all private information cannot be accessed by anyone. Signed into law by President Rodrigo Duterte in August 2018, Republic Act 11055, or the Philippine Identification System Act, aims to establish a single national ID for all Filipinos and resident aliens. The national ID shall be a valid proof of identity that shall be a means of simplifying public and private transactions, enrolment in schools, and the opening of bank accounts. It will also boost efficiency, especially in dealing with government services where people will only need to present the PhilID during transactions. (PNA) }

Related Keywords

Manila ,Philippines ,Philippine ,Benguet ,Filipinos ,Rodrigo Duterte ,Denis Villorente ,Dennis Mapa ,Communications Technology ,Philippine Statistics Authority ,Department Of Information ,National Privacy Commission ,Philippine Identification System ,Privacy Impact Assessments ,Philippine Identification ,National Privacy ,Philsys Number ,President Rodrigo Duterte ,Republic Act ,Philippine Identification System Act ,Mage Courtesy Of Philsys Manila The Philippine Identification System Is Protected Under Stringent Data Privacy Measures And Security Settings Statistics Authority Psa ,He Lead Implementing Agency Of The Project ,Aid Ina Statement On Saturday That It Regularly Conducts Privacy Impact Assessments Pia For Philsys 39 Design And Processes Through The ,One By An Independent Third Party ,Ll Data Privacy And Security Risks Are Identified The Psa Said Quot Mitigation Strategies ,Appropriate Measures ,Nd Safeguards Quot Are In Place For Personal Data And Identification Of Registrants The Philippine Philid Card Psa Undersecretary Dennis Mapa Underscored How Government Values Privacy We Take Responsibility Ensuring Security Very Seriouslya Impact Assessment Is Not Merelya One Off Exercise Have Been Doing These Assessments Continuously Since Start Program Will Continue To Regularly Conduct Pia As Move Forward With Registration More Filipinos Implementation Use Cases ,Uot Mapa Said The Regular Pia Is Done In Partnership With Department Of Information And Communications Technology Dict Compliant Recommendations Guidelines National Privacy Commission Undersecretary Denis Villorente Security Assessment Method One Structural Measures To Check On Philsys 39 Data Protection Cybersecurity Project Also Undergoes Vulnerability ,Penetration Testing ,Nd Third Party Software Code Audits Registration Data Are Encrypted While Personal Segmented ,Ll Fully Owned And Controlled By The Government It Has Also Applied Privacy Design Principles ,Uch As Data Minimization ,Proportionality ,Nd Tokenization Of The Philsys Number Psn ,Hich Will Protect The Permanent Unique Identifier By Quot Enabling Use Of Its Derivatives In Lieu Actual Psn Tokenization Turns Data ,Uch As Account Numbers ,Ntoa Random String Of Characters Calleda Token That Has No Value If Breached The Psa Said Data Provider Remains To Be Owner And All Private Information Cannot Accessed By Anyone Signed Into Law President Rodrigo Duterte In August 2018 ,Epublic Act 11055 ,R The Philippine Identification System Act ,Ims To Establisha Single National Id For All Filipinos And Resident Aliens The Shall Bea Valid Proof Of Identity That Means Simplifying Public Private Transactions ,Nrolment In Schools ,Nd The Opening Of Bank Accounts It Will Also Boost Efficiency ,Specially In Dealing With Government Services Where People Will Only Need To Present The Philid During Transactions Pna ,