Innovate with us

Managing Risk and Adopting Sound Privacy and Security Standards

The potential for misuse of sensitive personal information has triggered legislative and regulatory action worldwide – the risks are high. Privacy laws are continually evolving, vary by jurisdiction, are interpreted unpredictably, and are in a constant state of flux.

Data Privacy Act

The Data Privacy Act (DPA) is a legal framework that recognizes your customer’s right to privacy and your company’s obligation in the legitimate, transparent and fair use of customer data. The National Privacy Commission (NPC) is the government-agency responsible for the implementation of DPA. It provides a platform for customers to raise complaints on data privacy and it provides the means for penalizing non-compliant companies.

5 Pillars of Compliance

  1. Commit to Comply

    Appoint a Data Protection Officer

  2. Know Your Risks

    Conduct a privacy risk or impact assessment

  3. Be Accountable

    Develop a Privacy Management Program and Privacy Manual

  4. Demonstrate your compliance

    Implement privacy and data protection measures

  5. Be prepared for a breach

    Regularly exercise your breach reporting procedure

Phase 1: Data Privacy Assesment

Data Inventory/Data Classification
Privacy Impact Assessment (PIA)

Deliverable: Gap Analysis and Data Privacy Roadmap

Phase 2: Data Privacy Compliance

Privacy Management Plan (PMP)
Information Security and Data Privacy Policies
Technical Security Measures
Breach Monitoring

Deliverable: PMP, Data and Security Policies

Our Business Value


The potential for the misuse or mishandling of sensitive personal information has triggered legislative and regulatory action worldwide.  Penalties for non-compliance include both imprisonment and fine ranging from 1-7 years and PhP100K to PhP5M respectively.  The risks are higher if you consider the reputational loss that drive customers and partners away and how these incidents are amplified with social media exposure.


These privacy laws are new and continuously evolving with additional circulars constantly being issued and companies can struggle in interpreting the requirements.  The guidance from bneXt cybersecurity experts will eliminate the guesswork, fast track your DPA program and ensure that your company gets it right the first time.


bneXt with its network of practitioners working in the private and government sectors, provides concrete and guaranteed steps on how to meet all your DPA requirements.  With bneXt you have a team of experts, experienced and certified cybersecurity practitioners who guides your company in both the governance and technology aspects of DPA compliance.

Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Consent to display content from Youtube
Consent to display content from Vimeo
Google Maps
Consent to display content from Google
Consent to display content from Spotify
Sound Cloud
Consent to display content from Sound
Innovate with us