MANILA (UPDATED) - Philippine companies that handle data of European citizens will soon be required to follow European standards as the country implements the EU General Data Protection Regulation (GDPR), a member of the delegation said Tuesday.
The Philippines will start implementing GDPR on the last week of May, Walter Van Hattum, head of the Economic and Trade Section of the EU Delegation in the Philippines, said during a data privacy forum held Tuesday.
"The GDPR requires companies to inform people of data breach within 72 hours," Van Hattum said.
He said failure to comply results in fines up to 20 million euros or P1.2 billion.
Implementing European standards will also make the Philippines more attractive as an investment destination for EU-based businesses, Van Hattum said.
Data showed 52 records are stolen every second, and that a total of 7.5 billion have been stolen since 2013, Bo Lundqvist, president of the Nordic Chamber of Commerce in the Philippines (NORCHAM), said during the forum.
However, "it takes companies an average of 52 days to realize they have been compromised," he added.
Meanwhile, Commissioner Raymund Liboro of the National Privacy Commission (NPC) said the government has become stronger in the data protection realm.
"The front line of the government when it comes to addressing these is much, much wider now. You have the cybercrime group of the Department of Justice (DOJ), also the Philippine National Police (PNP) and also us (NPC)," Liboro said.
He said for the year alone, the NPC has already received 57 breach notifications.