Frequently Asked Question
How to classify sensitive data?
Last Updated 3 months ago
The Data Privacy Act of 2012 aims to protect individual personal information while allowing organizations to responsibly use data for legitimate purposes.
Key Objectives
- Protect the fundamental right to privacy
- Ensure secure and lawful processing of personal data
- Promote accountability of organizations handling data
- Balance information flow and data protection
- Full name
- Home or office address
- Email address
- Phone or mobile number
- Date and place of birth
- Gender
- Civil status
- Nationality
- Employee ID number
- Photographs
- Voice recordings
- Online identifiers (IP address, usernames)
- Work history and employment records
- Race or ethnic origin
- Marital status
- Age
- Color
- Religious, philosophical, or political affiliations
- Health information
- Education records
- Genetic data
- Sex life
- Criminal records or proceedings
- Government-issued IDs (SSS, GSIS, PhilHealth, TIN, Passport, Driver’s License)
Personal Data
Sensitive Personal Information
Data Classification Table
Classification | Description | Examples |
Public | Information approved for public release | Company address, hotline |
Internal | For internal use only | Org charts, internal emails |
Confidential | Restricted to authorized personnel | Employee records, contracts |
Restricted | Highly sensitive information | SPI, financial data |