CCAP pushes forward to ensure cyber security and data privacy compliance

Pasig City, Philippines—The Contact Center Association of the Philippines (CCAP) said today that the BPO industry in the Philippines is taking serious steps to ensure compliance with regard to cyber security and data privacy regulations.


Tonichi Achurra-Parekh, CCAP Board Director and Trustee for CCAP Security Council, said that the association already came up with several measures so that the industry will get itself updated with issues related to data privacy, cyber security and governance. One of these measures includes organizing one of the biggest data privacy summits in Asia, the Data Privacy Asia 2017, which will be held July 20, 2017 at the Makati Shangri-La Manila.


“The industry has been playing an active role in educating our members through forums as well as answering data privacy-related issues in some of our conferences. The summit is in response to that growing need to educate and also accelerate our expertise in our industry,” Achurra-Parekh said.


Aside from education initiatives, Achurra-Parekh said CCAP is also working very closely with the National Privacy Commission (NPC) through its head, Chairman Raymond Liboro, to support, align and roll out programs relevant to the industry.


As to the impact of Republic Act 10173, otherwise known as the Data Privacy Act of 2012, Learning Series Taskforce Lead of the CCAP Security Council and Senior Director for Business Excellence at Hinduja Global Solutions Espie Bulseco said it will significantly increase the position of the Philippines as one of the world’s most preferred BPO destinations. “With the creation of the Act, all BPO firms in the country are now mandated to ensure protection to personal data resulting to an increase in foreign investors’ confidence in growing their outsourcing requirements in the country.”


Bulseco adds that another critical impact of the Act is that it will increase the country’s capability to handle outsourcing requirements of countries with their own data privacy laws since they have specific restrictions in transferring their residents’ data outside their region unless the outsourced provider is located in a country with existing data privacy laws. “Overall, the Data Privacy Act of 2012 will increase the number of foreign investors leading to an increase in our position as a leading BPO destination.”


As regards data privacy best practices, Achurra-Parekh said the Philippines naturally looks to the US since most clients of BPO companies in the country are US based. But because of the country’s proximity to countries in Asia like Singapore with its strong data privacy structure, there is the opportunity to compare and trade notes. Nevertheless, BPO companies here also get information and learn best practices from companies in other countries outside of the US like Australia and the United Kingdom.


As to its collaboration with the government, particularly the NPC, CCAP has been briefed of the Commission’s short- and long-term projects and is positioned to continue supporting them by implementing the guidelines and requirements the NPC already started. BPO companies, like all Philippine organizations are required to comply with the Data Privacy Act 2012   here and are given a timeline for compliance, according to Bulseco, where they are required to register to the NPC on or before September 9, 2017, or one year from the September 9, 2016, the effectivity of the Implementing Rules and Regulations (IRR) of the Data Privacy Act.


In organizing the Data Privacy Summit, the objective is for the Philippines to be “best-in-class” when it comes to implementing guidelines and proactively advancing means to uphold data protection and privacy since BPO workers hold and process millions of data as a way of life, says Jojo Uligan, CCAP President.


“Part of the objective is to communicate the trends and the threat landscape on cybersecurity when processing millions of data, and to establish the Philippines as a country with advanced data protection and privacy regulations to address these threats, ultimately to make the world entrust their business data with us,” Uligan stressed.


And the summit will not just be about discussing what data privacy is and how it affects the industry and the country, Uligan adds. “It will focus on understanding what it means now and what should be done to secure the future by bringing in the global perspectives of international experts to our country to discuss best practices and collaborate with each other in order to find the most creative solutions to evolving data protection and cybersecurity-related issues.”


The Data Privacy Asia 2017, with the theme “Data Privacy and Cyber Security: Impact on Outsourcing” is presented by the Contact Center Association of the Philippines in partnership with Data Privacy Asia Pte. Ltd., and will be held at the Makati Shangri-La Manila on July 20, 2017. For more details about the summit, visit and