(CooperativesPhilippines: We may think, rightly or wrongly, that the cooperatives' compliance with CISA comprises only and simply of submitting cooperative members' data to the Credit Information Corporation.
Here comes the Implementing Rules and Regulations of the Data Privacy Act, as assayed in the reposted item below, and which reportedly took effect on September 09, 2016.
Are cooperatives considered as "Personal Information Controllers" (PIC), or "Personal Information Processors" (PIP}, under the above-mentioned IRR?
Either way, it appears from the item below, that cooperatives, as "PIC", or "PIP", and to comply with the CISA requirement, has to undertake a number of measures, including but not limited to, register with the National Privacy Commission, and undertaking measures to assure the privacy of cooperative-members' credit data.
While we are at it, is the Credit Information Corporation (CIC), a "PIC", or "PIP"? And what is CIC undertaking to do under the Data Privacy Act, to protect the privacy of cooperatives' credit data?
Anyway, here is the reposted item, from BusinessWorld, Sept. 22, 2016 issue, for the guidance of cooperatives.):
Obey or pay: Implications for personal information controllers and processors
Taxwise or Otherwise
Posted on September 22, 2016