The National Privacy Commission (NPC) issued NPC Advisory No. 2017-01 on the Designation of Data Protection Officers pursuant to Section 21(b) of the Data Privacy Act of 2012 (R.A. No. 10173) and Rule VI, Section 26(a) of its Implementing Rules and Regulations. The advisory sets forth the guidelines on the mandatory appointment by all personal information controllers (PICs) and personal information processors(s) of a data protection officer (DPO). While the relevant guidelines have only been recently issued, compliance therewith should be immediate, based on the NPC ruling that the period for complying with the Data Privacy Act of 2012 expired in 2013 or one (1) year after the effective date of the law. Click here to read more.