The National Privacy Commission (NPC) of the Philippines conducted its second virtual public consultation on 22 March 2023 on a draft circular on the prerequisites for the Philippine Privacy Mark (PPM) Certification Program.
The draft circular sets out specifically the prerequisites for the certification of personal information controllers (PICs) and personal information processors (PIPs), and would also apply to all certification bodies (CBs) that would seek accreditation under the PPM.
Based on the draft, the circular once issued would require PICs or PIPs to be certified with the ISO/IEC 27001 - information security management system (ISMS) and ISO/IEC 27701 - privacy information management system (PIMS) before applying for PPM certification.
The same requirement would apply to CBs prior to applying for accreditation under the PPM.
Get our free Data Protection Impact Assessment (DPIA) Cheat Sheet. Log in as a DPEX Network member (sign-up is free) to download.