Authors :
Francis Tovi Kyl C. Meneses
Volume/Issue :
Volume 7 - 2022, Issue 8 - August
Google Scholar :
https://bit.ly/3IIfn9N
Scribd :
https://bit.ly/3c4cgi4
DOI :
https://doi.org/10.5281/zenodo.8330797
Abstract :
The Philippines serves as a leading destination for business process outsourcing (BPO), and as it
ensures its position as a top BPO outsourcing destination, compliance with the Data Privacy Act of
2012 is a must. However, data privacy compliance is never easy; factors such as awareness, budget,
and time constraints hamper organizations' compliance. Since manual reviews and internal audits of
data privacy compliance activities are time-consuming, resource-intensive, and lack coverage, some
BPO companies have chosen to use information systems to address the issues. Nevertheless, there is
evidence that organizations are struggling to find the appropriate tools and guidance on compliance
management systems (CMS). The researcher developed a standardized web-based CMS to address
the issues mentioned. A mixed-method exploratory design was utilized for data collection and
analysis. An interview was conducted with 3 DPOs from 3 BPOs to determine the beneficial and
lacking features of current systems. The same participants with 60 other employees from the 3 BPOs,
validated and verified the developed system and compared its efficiency and effectiveness with the
existing systems. It was concluded that the existing CMS the participants used has missing features
that could help in their day-to-day tasks, difficult to navigate, not user-friendly, and too broad and
general. The results revealed that the respondents rated the Web-based Data Privacy Compliance
Management System better than the existing system in terms of effectiveness and efficiency. The
developed system was also validated and verified based on the initial scope of the system. To further
help with the organization’s compliance, an expansion to target participants aside from BPO,
incorporating GDPR, CCPRA, and other privacy laws, and integrating good practices such as IAPP
can be considered.
The Philippines serves as a leading destination for business process outsourcing (BPO), and as it
ensures its position as a top BPO outsourcing destination, compliance with the Data Privacy Act of
2012 is a must. However, data privacy compliance is never easy; factors such as awareness, budget,
and time constraints hamper organizations' compliance. Since manual reviews and internal audits of
data privacy compliance activities are time-consuming, resource-intensive, and lack coverage, some
BPO companies have chosen to use information systems to address the issues. Nevertheless, there is
evidence that organizations are struggling to find the appropriate tools and guidance on compliance
management systems (CMS). The researcher developed a standardized web-based CMS to address
the issues mentioned. A mixed-method exploratory design was utilized for data collection and
analysis. An interview was conducted with 3 DPOs from 3 BPOs to determine the beneficial and
lacking features of current systems. The same participants with 60 other employees from the 3 BPOs,
validated and verified the developed system and compared its efficiency and effectiveness with the
existing systems. It was concluded that the existing CMS the participants used has missing features
that could help in their day-to-day tasks, difficult to navigate, not user-friendly, and too broad and
general. The results revealed that the respondents rated the Web-based Data Privacy Compliance
Management System better than the existing system in terms of effectiveness and efficiency. The
developed system was also validated and verified based on the initial scope of the system. To further
help with the organization’s compliance, an expansion to target participants aside from BPO,
incorporating GDPR, CCPRA, and other privacy laws, and integrating good practices such as IAPP
can be considered.