Frequently Asked Question
How to classify sensitive data?
Last Updated 21 days ago
The Data Privacy Act of 2012 aims to protect individual personal information while allowing organizations to responsibly use data for legitimate purposes.
Key Objectives
- Protect the fundamental right to privacy
- Ensure secure and lawful processing of personal data
- Promote accountability of organizations handling data
- Balance information flow and data protection
- Full name
- Home or office address
- Email address
- Phone or mobile number
- Date and place of birth
- Gender
- Civil status
- Nationality
- Employee ID number
- Photographs
- Voice recordings
- Online identifiers (IP address, usernames)
- Work history and employment records
- Race or ethnic origin
- Marital status
- Age
- Color
- Religious, philosophical, or political affiliations
- Health information
- Education records
- Genetic data
- Sex life
- Criminal records or proceedings
- Government-issued IDs (SSS, GSIS, PhilHealth, TIN, Passport, Driver’s License)
Personal Data
Sensitive Personal Information
Data Classification Table
Classification | Description | Examples |
Public | Information approved for public release | Company address, hotline |
Internal | For internal use only | Org charts, internal emails |
Confidential | Restricted to authorized personnel | Employee records, contracts |
Restricted | Highly sensitive information | SPI, financial data |