Name: John Vincent N.

Evasco Section: CpE 221

I. Title of the seminar

Data Privacy Act Awareness
II. Speaker
Ms. Josephine B. Moradoz – Compliance Officer for Privacy NU Dasma
III. Summary
To sum up, data is a common element shared by various industries, social media
platforms, merchandise, etc. Also, all of them experienced data breaches or hacks,
which is why privacy really matters. Any of us don't want to be victims of this data
breach, so it is important to be educated about data.

According to the speaker, the Data Privacy Act of 2012, or Republic Act No. 10173,
is an act protecting individual personal information and communications systems in
the government and the private sector, creating for this purpose a national privacy
commission, and for other purposes. In addition, the DPO/CPO office is like a
guardian that watches over a company's data protection strategies and also makes
sure that they follow the rules of Republic Act No. 10173. They do have an important
role to play in an organization and are charged with maintaining the Personal
Information Controllers (PIC) and Personal Information Processors under Republic
Act No. 10173 and following the guidelines of the National Privacy Commission
(NPC). Here at NU Dasma, the DPO structure is put in place to guarantee data
protection. This procedure is managed by the Office of the President's Data
Protection Office. A Compliance Officer for Privacy (COP) who reports to the
Executive Director is also stationed on each campus. Employees and students can
speak with their respective Compliance Officer for Privacy (COP) directly for support
and advice if they have any concerns about privacy on campus.

What the office does is: ensure that the company complies with the National Privacy
Commission's guidelines for the Data Privacy Act; serve as the authority on matters
pertaining to data security and privacy for both the public and the government; inform
the organization and offer guidance on data handling; monitor and oversee data
processing-related projects, programs, or systems; handle concerns and inquiries
from the public regarding the data that the organization possesses; assemble an
incident management system and notify the National Privacy Commission in the
event of a data breach; instruct the business and its staff on safe data handling and
confidentiality; Check security frequently to ensure that everything complies with
regulations and to address issues before they get out of hand; maintains thorough
records of all the ways the business uses data, and shares them upon request;
provides feedback and adheres to a procedure that prioritizes maintaining privacy
from the outset and resolving any privacy concerns.

Furthermore, data subject refers to a person whose personal, sensitive, or private

information is being handled or used. Ms. Josephine also showed us the different
classifications of information, which are personal information, sensitive personal
information (based on the IRR), and privileged information (based on the rule of law).
Additionally, processing is doing anything with personal data, like collecting,
recording, organizing, storing, updating, using, or getting rid of it.

Moreover, the personal information controller (PIC) is defined as someone in charge,

an individual or group, who makes decisions about what happens to personal data or
designates another person to do so on their behalf. For example, if we submit our
data to the university, the university itself will become the personal information
controller. Also, a personal information processor (PIP) is defined as anyone,
whether a person or a group, that a personal information controller hires or tells to
handle the personal data of someone.

Ms. Josephine also explains the student consent forms for the processing, release,
and retention of personal information. She also discussed the basic protocols for data
protection in NUFLEX, like the choice of platform, licensed software, student
credentials, strong passwords, regular updates, and backups. She also discussed
areas of concern like emails, chats or messaging apps, social media apps and
platforms, and learning management systems. Furthermore, she encouraged us to
"love ourselves online" by creating a strong password, never using the same
password on multiple accounts, always logging out of browsers, installing an anti-
virus and updating it, not clicking on pop-ups or virus warnings, and installing an ad
blocker to lessen pop-ups. And she closes her statement by sharing with us the
golden rule of data privacy, which is "If you cannot protect it, do not collect it."

What I observed while watching the webinar was that they focused more on the
function of the office, maybe because it is important to us students how our
information is being processed here in the university.
 While watching the webinar, I felt a little bit anxious, especially in the part where we
are asked to visit a website that checks whether our data has been compromised
online or not, as well as knowing all the risks and vulnerabilities concerning my data.

I have this hobby where I have one password on multiple accounts and other
accounts on other platforms, so watching this webinar really changed my perspective
when it comes to creating passwords.

The most significant takeaways that I gained in this webinar are in the area of
concern of social media apps and platforms, especially when they talked about the
posting of IDs on social media platforms. I can relate to this because I’ve seen a lot
of posts on the unofficial group of NU Dasma where some students are posting their
IDs openly, not knowing the possible risk of identity theft that actually happened in
one of my friends where her ID has been used by a scammer and taking a huge
amount of money, so in the end the scammer's victim is attacking her.

As a student whose hobby is to play computer games, I sometimes uninstall my

antivirus to install a game in which the antivirus states that there is a threat in this
application, but I never listen to what the warning says and keep installing the game,
so watching this webinar reinforces my beliefs in this case.

Having viewed this webinar, a deeper understanding has emerged. Both the quantity
of people uploading personal information online and the quantity of possible criminals
are growing. An individual is more likely to fall victim to numerous online threats if
they lack awareness regarding data privacy. And he or she might face legal
consequences for not knowing the data privacy laws and regulations.

I have the same password for several accounts on different platforms, as I previously
mentioned, so after watching this webinar, my first thought is to change a few of my
passwords.

IV. Conclusion
The webinar concluded by highlighting the vital significance of data privacy in our
globally interconnected society. The frequency of data breaches in a variety of
industries highlights the need for people to protect their personal information by being
proactive and knowledgeable about it. As previously mentioned, the Data Privacy Act
of 2012 is essential for safeguarding personal information, and the Data Protection
Office acts as a watchdog to make sure businesses are complying with the law.
 The webinar addressed the wider ramifications of data privacy for individuals,
particularly in educational institutions such as NU Dasma, in addition to offering
insights into the operations of the Data Protection Office. The institution's dedication
to protecting the privacy of its workers and students is demonstrated by the
Compliance Officer for Privacy (COP) position, which is located on campus, and the
focus on developing a data protection framework.

Throughout the webinar, it became clear how important it is to comprehend terms like
"data subject," "processing," "personal information controller (PIC)," and "personal
information processor (PIP)". These ideas emphasized the intricate web of
connections and duties that go into handling personal data.

People could improve their data protection practices by putting the useful tips and
guidelines from the webinar—like creating strong passwords, using caution when
sharing personal information on social media, and keeping security measures up to
date—into practice. The webinar's emphasis on social media risks—such as sharing
IDs publicly—resonated well with participants as real-life examples were presented,
underscoring the possible repercussions of such behavior.

In the end, the webinar was successful in informing attendees about data privacy
laws and procedures as well as in motivating them to reconsider their personal habits
and make the decision to switch to safer online behaviors. People must prioritize
protecting the privacy and security of personal information and actively participate in
doing so as more people become aware of the dangers and potential legal
ramifications of insufficient data protection. I'm interested in learning more about
NUFlex's data protection policy because, as a student taking an online course, I need
to know how to safeguard my account.

V. Recommendation
In today's connected world, it is vital to learn about the Data Privacy Act, and for that
reason, I would definitely recommend this webinar. It is essential for safeguarding
individual rights, building trust, and guaranteeing the safe development of our digital
society—rather than just being a legal requirement. Building a resilient and
responsible digital future requires awareness of and adherence to data privacy
principles, which become increasingly important as we navigate the complexities of
the digital age.
Name: Marcus Louis F. Gaite Section: CpE-221

I. Title of the seminar

Data Privacy Act Awareness
II. Speaker
Ms. Josephine B. Moradoz – Compliance Officer for Privacy NU Dasma
III. Summary
In conclusion, data is a shared component amongst a variety of businesses, social
media sites, products, etc. They've all also been the victims of hacks or data
breaches, which is why privacy is so important. It is crucial to become knowledgeable
about data since none of us want to fall prey to another data breach.

The speaker claims that the Data Privacy Act of 2012, also known as Republic Act
No. 10173, is a law that protects private and public sector employees' personal
information and communications systems, establishes a national privacy commission
for this reason, and serves other objectives. Furthermore, the DPO/CPO office
functions as a watchdog, monitoring an organization's data protection policies and
ensuring compliance with Republic Act No. 10173. They do play a significant role in
an organization and are responsible for upholding Republic Act No. 10173's
requirements for Personal Information Controllers (PIC) and Personal Information
Processors, as well as the National Privacy Commission's (NPC) guidelines. The
DPO structure is in place at NU Dasma to ensure data protection. The Office of the
President's Data Protection Office oversees this process. Every campus also has a
Compliance Officer for Privacy (COP), who answers to the Executive Director. If staff
members or students have any questions regarding privacy on campus, they can get
support and guidance by getting in touch with their specific Compliance Officer for
Privacy (COP).

The office's responsibilities include making sure the business complies with the
National Privacy Commission's guidelines for the Data Privacy Act, acting as the
public's and government's go-to source on issues pertaining to data security and
privacy, educating the organization and providing guidance on data handling,
monitoring and supervising projects, programs, or systems related to data
processing, responding to public concerns and questions about the data the
organization possesses, putting together an incident management system and
informing the National Privacy Commission in the event of a data breach, and
training the company and its personnel on safe data handling and confidentiality.
Regularly check security to make sure everything is in compliance with laws and
regulations, and address problems before they become out of control; keep detailed
records of all the ways the company uses data and share them upon request; offer
feedback and follow a protocol that puts privacy first and addresses any privacy
concerns. Additionally, a person whose private, sensitive, or personal
information is being handled or used is referred to as a data subject.

Additionally, Ms. Josephine demonstrated to us the various categories of

information, including privileged information (derived from the rule of law),
sensitive personal information (based on the IRR), and personal information.
Processing also includes any action taken with regard to personal data,
including gathering, logging, organizing, storing, updating, utilizing, or
discarding it.

Furthermore, an individual or group in charge who decides what happens to

personal data or appoints another person to do so on their behalf is known as
the personal information controller (PIC). For instance, the university will take
on the role of the controller of personal information if we give it our data.
Furthermore, any individual or organization that a personal information
controller employs or designates to manage a person's personal data is
referred to as a personal information processor (PIP).

Additionally, Ms. Josephine goes over the consent forms that students must sign to
allow the processing, sharing, and storing of their personal data. Additionally, she
talked about the fundamental NUFLEX data protection procedures, such as platform
selection, licensed software, student credentials, strong passwords, routine updates,
and backups. Concerning emails, chats or messaging apps, social media platforms
and apps, and learning management systems, she also covered these topics. She
also urged us to "love ourselves online" by setting up a strong password, avoiding
using the same password for multiple accounts, shutting down browsers after using
them, installing and updating antivirus software, avoiding pop-ups and virus alerts,
and using an adblocker to reduce pop-ups. Then, she shares with us the most
important data privacy guideline: "If you cannot protect it, do not collect it."
 I think it's the data protection in the conduct of NUFlex because NU is still conducting
an online class, so it's important for us students to learn how to protect our accounts,
especially MS Teams.

After watching the webinar, I feel concerned about the potential risks associated with
data privacy breaches and the implications they may have for my personal
information.

The most significant takeaways or lessons that I gained in this webinar are where
Ms. Josephine encourages us to backup our files and maximize the use of One Drive
for cloud storage. I can relate to this because, as a student, cloud storage is
important for me to save my files for my studies.

Whenever I create a new account online, I tend to use short and easy-to-remember
passwords, so I will not forget them, and sometimes I use them on other accounts.
After watching this webinar, knowing all the risks of not creating a strong password
changed my belief.

I now have a better understanding of the importance of Data Privacy Act Awareness
in protecting people's personal information, thanks to this webinar. Knowing the
terms of data protection laws enables people to take ownership of their own data in a
time when cyberattacks and data breaches are increasing. By reducing the possibility
of unauthorized access, this awareness guarantees that sensitive data, including
financial information, contact details, and medical records, is handled with the highest
care.

I've made a plan to reduce the amount of data I expose after watching this webinar.
Understanding data privacy motivates me to leave as little digital trace as possible. I
decide to share less personal information online in order to lower my chance of
becoming a target for cybercriminals.

IV. Conclusion

The speaker highlights the significance of privacy while highlighting the vital role that
data plays in many industries and the growing threat of data breaches. They talk
about the Data Protection Office's (DPO) responsibility for guaranteeing adherence
to the Data Privacy Act of 2012 (Republic Act No. 10173). The DPO's duties
 encompass overseeing and instructing on data handling, attending to concerns, and
handling incidents such as data breaches.

The talk goes over several information kinds, the function of a data subject, and the
importance of consent forms. In addition, Ms. Josephine offers helpful advice on
internet safety, emphasizing the value of secure passwords and responsible online
conduct. The speaker exhorts listeners to use secure cloud storage and to back up
their files.

The webinar challenges the audience to reconsider their online behavior, particularly
in relation to data exposure and password strength. The significance of Data Privacy
Act Awareness is emphasized, enabling people to take charge of their data in the
face of growing cyberthreats. Concerned about possible threats to their private data,
the viewer promises to lessen their digital footprint in order to improve cybersecurity.
I'm interested in finding out more about how a particular organization handles
information.

V. Recommendation

Yes, I will tell others about this. Promoting awareness of the Data Privacy Act is a
step toward creating a more secure, accountable, and morally upright online
community. It provides people and organizations with the knowledge they need to
safely navigate the ever-evolving interconnected world.