Ortus CIO September Session

by OrtusClub on 20th September 2017

Ortus CIO September Session

Session 2: September 6, 2017

DISCUSSION ON “CHALLENGES AND BENEFITS OF HANDLING DIGITAL INFORMATION”

The Ortus CIO Group held its second session, discussing the challenges and benefits of handling digital information which came into place on the 6th of September 2017.

Below is a summary of the key issues touched upon in the session:

Digital Information Technology is often confused to be of the same bearing as Information Technology. Our moderator, Lauro Matias, took time to explain how Digital Information Technology’s focal point would be in accordance to “the consumer-facing side” whilst Information Technology would be more about “the support for Digital Information Technology and its back-end”.

Losing Control of Digital Information Technology has been a prime key point discussed as it has been revolving within the idea of  “how to properly handle digital information” along with the mere fact that data was once far from difficult with regards to being obtained, copied, shared and disseminated.

New Communication Mediums which parties, both internally and externally, can communicate thoroughly about digital information. Some members of the group shared their experience in adopting new platforms such as Slack and Facebook for Business.

Optimized rules were never needed or required before, yet currently some of the group members have been implementing ‘new rules’ into their existing organization in order to cope with the revolution of the alighting Digital Information Technology. Others have yet to develop a coherent strategy to deal with the advent of new digital platforms.

Varying Digital Development Cycle of industries and the need to evolve applicable variation amongst members. Banks and similar industries have their hands tied due to legacy platforms and due to the fact, they are controlling sensitive data. Other sectors, such as the education sector, are free to fully embrace Digital Information Technology.

DIGITAL INFORMATION TECHNOLOGY AND ITS AIM TO DIMINISH CHALLENGES AND PROCURE BENEFITS

There was a general feeling in the room that the challenges faced by the advent of digital data was information was not fully grasped by their colleagues, although the benefits were far better understood. We focused on the challenges which included:

Vitality of Digital Information Technology – The ‘viral’ nature of digital communication enables information to spread rapidly and reach a wide audience.

This can make it very difficult to know who has received the information or how it will spread further. It also requires any action to minimise the harm that could be caused by this communication to be taken quickly.

The Permanent nature of Digital Information Technology – Once digital information or items are created it can be difficult, if not impossible, to permanently delete all copies.

EMBARKING ONTO SOLUTIONS CONCERNING THE RISKS OF DIGITAL INFORMATION 

Remotely security risks associated with Digital Information – Typically, transmitting digital devices such as smart phones or laptops can be accessed remotely via another internet connection. Opening up a number of different security issues.

The discussion concluded that with the alight of Digital Information with the support of Information technology there would be obscure challenges there are to face yet with help of further discussion and sharing of valuable insights continuously through the next session that will deliberate on the topic: “Modernizing the legacy platform in light of digital transformation” that will be taking place on 8th November.

If you are an IT leader and interested in being part of the upcoming session, please do get in touch with the group admin, Jessica Circi at jc@ortusclub.com

read more
OrtusClubOrtus CIO September Session

Ortus CIO July Session

by OrtusClub on 20th September 2017

Ortus CIO July Session

Session 1: July 12, 2017

‘DISCUSSION ON ‘DATA PRIVACY ACT COMPLIANCE’

The Ortus CIO Group held its first discussion on the implementing rules and regulations of the new Republic Act No. 10173, also known as the Data Privacy Act, coming into place on September 9th, 2017. Non-compliance will result in sanctions and penalties, ranging from 1 to 6 years imprisonment, and a fine of not less than PHP 500,000 and not more than PHP 5 million.

Below are some of the key points raised during the session:

– Data security, even if it housed online, is not the sole responsibility of a company’s IT department but rather a process and change-dependent concern;

  • The National Privacy Commission is yet to polish its implementing rules and regulations so that it could cover all possible data breach scenarios; and
  • Individuals should be made aware of their rights in relation to any personal information or data they input or share both in the digital and non-digital space.
  • Members also raised the concern in terms of NPC having vague regulations when it comes to the use of 3rd party sources and apps, as this is the digital age, most companies rely on external agencies to handle their systems, websites, telco requirements, and other processes used to gather customer or employee information.

DATA PRIVACY: IT OR PROCESS RELATED?

Participants started by discussing how
compliance is driven by technology, and
that IT is very heavily involved in process
creation. One crucial point raised was the
fact that the involvement of IT is necessary
for breach investigations and process
creation, and that they are “responsible but
should not be held accountable.”
Members also talked about how the
implementing rules and regulations of NPC
seem to still be a little bit vague since
attacks on cybersecurity require more of a
technological forensics than a legal
investigation so it makes sense to have the
DPO or COP be a member of the IT team.

DATA PROCESSING, STORAGE, AND DELETION

The discussion opened up new questions
on data storage and everyone was eager to
talk about how the new rules and
regulations may affect their existing
processes.
There seemed to be a concern in terms of
the NPC having vague regulations when it
comes to the use of 3rd party sources and
apps. This is more so the case in a digital
age when most companies rely on external
agencies to handle their systems, websites,
telco requirements, and other processes
used to gather customer or employee
information.

read more
OrtusClubOrtus CIO July Session