Acknowledging the importance and value of protecting personal information and sensitive personal information, the Cooperative Development Authority (CDA), through the collaborative efforts of the Legal Affairs Service (LAS) – Data Protection Officer’s (DPO) Team and the General Administration and Support Service (GASS) – Information and Communications Technology Division (ICTD), conducted a Security Incident Management (SIM) Training and Breach Reporting on October 15-17, 2025 at Madison Hotel 101 + Tower, Quezon City.
The SIM Training and Breach Reporting aligns with the need for the Authority’s continuing compliance with Republic Act 10173, otherwise known as the Data Privacy Act of 2012 (DPA) for the collection and processing of personal data in relation to the exercise of its developmental, registration, supervision and examination, and quasi-judicial powers, functions, and responsibilities, under Republic Act No. 11364, otherwise known as the CDA Charter of 2019 and its implementing rules and regulations.
The three-day activity equipped the participants with essential knowledge and practical skills to effectively prevent or mitigate the occurrence of, and respond to, data breaches. Participants were trained on the proper channels and procedures to follow in the event of a breach, enabling swift action and coordinated responses to mitigate impact. This preparedness aims to minimize potential damage during a breach and ensure the continuity of the Authority’s operations.
Atty. Dann Mitzelle S. Dalino, Attorney III, and Ms. Jeremy A. Mercado, Information System Researcher II, of the Compliance and Monitoring Division of the National Privacy Commission (NPC), served as the Resource Persons during the three-day activity.
A key highlight of the training was the presentation of the Security Incident Management Policy, which included the structure and role of the Data Breach Response Team, detailed incident response procedures, and a review of organizational, physical, and technical security measures. The policy also integrated personal data privacy principles, reinforcing safeguards to protect data subjects from harm and adverse consequences in the event of a breach.
Furthermore, the CDA Data Privacy Manual was presented and discussed in detail. The session provided clarity on the agency’s commitment to data privacy and the practical measures in place to uphold this commitment.
Meanwhile, the Data Protection Officer, Compliance Officers for Privacy, Information and Communications Technology personnel, both from Head Office and various Extension Offices, including LAS and ICTD personnel who served as secretariat, attended the said event.
Finally, the activity reaffirmed the organization’s dedication to continuous compliance with the Data Privacy Act of 2012, its Implementing Rules and Regulations, and related issuances by the NPC. Through this initiative, the organization takes a proactive stance in aligning its policies and practices with national data privacy standards, thereby strengthening trust and accountability in its services.
