Compliance of Higher Education Institutions (HEIs) with the Data Privacy Act of 2012: A case study approach
The Republic Act 10173 also known as the Data Privacy Act (DPA) of 2012 was enacted to protect personal data in information systems. Through the National Privacy Commission (NPC), government and private organizations that include higher education institutions (HEIs), were mandated to fully comply on...
Saved in:
| Main Author: | |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Animo Repository
2022
|
| Subjects: | |
| Online Access: | https://animorepository.dlsu.edu.ph/etdd_infotech/7 https://animorepository.dlsu.edu.ph/cgi/viewcontent.cgi?article=1006&context=etdd_infotech |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | De La Salle University |
| Language: | English |
| id |
oai:animorepository.dlsu.edu.ph:etdd_infotech-1006 |
|---|---|
| record_format |
eprints |
| spelling |
oai:animorepository.dlsu.edu.ph:etdd_infotech-10062022-09-13T00:45:23Z Compliance of Higher Education Institutions (HEIs) with the Data Privacy Act of 2012: A case study approach Datu, Neil H. The Republic Act 10173 also known as the Data Privacy Act (DPA) of 2012 was enacted to protect personal data in information systems. Through the National Privacy Commission (NPC), government and private organizations that include higher education institutions (HEIs), were mandated to fully comply on / before March 8, 2018. NPC lined up several initiatives including the provision of compliance manual and other pertinent documents in 2017 that will make compliance simple and easy for organizations. However, even a year after the deadline, only 21.15 % of the HEIs nationwide were able to comply with the initial requirement of Data Protection Officer (DPO) registration. It should also be noted that such, is only one of the five pillars or key requirements to fulfill before one can be considered fully compliant. If challenges are encountered in the compliance with the initial requirement, then even greater challenges may be expected from complying with other requirements. Apparently, there are significant factors that affect how and why HEIs comply with the DPA of 2012. These are what this study intends to investigate using Compliance Theory, Protection Motivation Theory, and Socio-economic theory of regulatory compliance, and three HEIs with contrasting compliance cases. The study will be conducted using quantitative and qualitative methods using multiple case-study design. It also intends to contribute to theory by extending organizational commitment as a determinant of compliance with laws related to the use of Information Technology (IT). The results of this study may serve as basis for other HEIs who are still in the process of compliance, as well as, to support government initiatives intended to augment compliance and monitoring efforts. The end goal is to support the government’s policy as stated in RA 10173, “To protect the fundamental human right of privacy of communication while ensuring free flow of information to promote innovation and growth”. 2022-01-01T08:00:00Z text application/pdf https://animorepository.dlsu.edu.ph/etdd_infotech/7 https://animorepository.dlsu.edu.ph/cgi/viewcontent.cgi?article=1006&context=etdd_infotech Information Technology Dissertations English Animo Repository Data privacy Privacy, Right of Universities and colleges Higher Education Privacy Law |
| institution |
De La Salle University |
| building |
De La Salle University Library |
| continent |
Asia |
| country |
Philippines Philippines |
| content_provider |
De La Salle University Library |
| collection |
DLSU Institutional Repository |
| language |
English |
| topic |
Data privacy Privacy, Right of Universities and colleges Higher Education Privacy Law |
| spellingShingle |
Data privacy Privacy, Right of Universities and colleges Higher Education Privacy Law Datu, Neil H. Compliance of Higher Education Institutions (HEIs) with the Data Privacy Act of 2012: A case study approach |
| description |
The Republic Act 10173 also known as the Data Privacy Act (DPA) of 2012 was enacted to protect personal data in information systems. Through the National Privacy Commission (NPC), government and private organizations that include higher education institutions (HEIs), were mandated to fully comply on / before March 8, 2018. NPC lined up several initiatives including the provision of compliance manual and other pertinent documents in 2017 that will make compliance simple and easy for organizations. However, even a year after the deadline, only 21.15 % of the HEIs nationwide were able to comply with the initial requirement of Data Protection Officer (DPO) registration. It should also be noted that such, is only one of the five pillars or key requirements to fulfill before one can be considered fully compliant. If challenges are encountered in the compliance with the initial requirement, then even greater challenges may be expected from complying with other requirements. Apparently, there are significant factors that affect how and why HEIs comply with the DPA of 2012. These are what this study intends to investigate using Compliance Theory, Protection Motivation Theory, and Socio-economic theory of regulatory compliance, and three HEIs with contrasting compliance cases. The study will be conducted using quantitative and qualitative methods using multiple case-study design. It also intends to contribute to theory by extending organizational commitment as a determinant of compliance with laws related to the use of Information Technology (IT). The results of this study may serve as basis for other HEIs who are still in the process of compliance, as well as, to support government initiatives intended to augment compliance and monitoring efforts. The end goal is to support the government’s policy as stated in RA 10173, “To protect the fundamental human right of privacy of communication while ensuring free flow of information to promote innovation and growth”. |
| format |
text |
| author |
Datu, Neil H. |
| author_facet |
Datu, Neil H. |
| author_sort |
Datu, Neil H. |
| title |
Compliance of Higher Education Institutions (HEIs) with the Data Privacy Act of 2012: A case study approach |
| title_short |
Compliance of Higher Education Institutions (HEIs) with the Data Privacy Act of 2012: A case study approach |
| title_full |
Compliance of Higher Education Institutions (HEIs) with the Data Privacy Act of 2012: A case study approach |
| title_fullStr |
Compliance of Higher Education Institutions (HEIs) with the Data Privacy Act of 2012: A case study approach |
| title_full_unstemmed |
Compliance of Higher Education Institutions (HEIs) with the Data Privacy Act of 2012: A case study approach |
| title_sort |
compliance of higher education institutions (heis) with the data privacy act of 2012: a case study approach |
| publisher |
Animo Repository |
| publishDate |
2022 |
| url |
https://animorepository.dlsu.edu.ph/etdd_infotech/7 https://animorepository.dlsu.edu.ph/cgi/viewcontent.cgi?article=1006&context=etdd_infotech |
| _version_ |
1744376655055421440 |