Book a demo Log in / Sign up

Authorization To Disclose Personal Information Template for the Philippines

Generate a bespoke document

  • England and Wales
  • Scotland
  • Northern Ireland
  • Ireland
  • United States
  • Alabama (USA)
  • Alaska (USA)
  • Arizona (USA)
  • Arkansas (USA)
  • California (USA)
  • Colorado (USA)
  • Connecticut (USA)
  • Delaware (USA)
  • Florida (USA)
  • Georgia (USA)
  • Hawaii (USA)
  • Idaho (USA)
  • Illinois (USA)
  • Indiana (USA)
  • Iowa (USA)
  • Kansas (USA)
  • Kentucky (USA)
  • Louisiana (USA)
  • Maine (USA)
  • Maryland (USA)
  • Massachusetts (USA)
  • Michigan (USA)
  • Minnesota (USA)
  • Mississippi (USA)
  • Missouri (USA)
  • Montana (USA)
  • Nebraska (USA)
  • Nevada (USA)
  • New Hampshire (USA)
  • New Jersey (USA)
  • New Mexico (USA)
  • New York (USA)
  • North Carolina (USA)
  • North Dakota (USA)
  • Ohio (USA)
  • Oklahoma (USA)
  • Oregon (USA)
  • Pennsylvania (USA)
  • Rhode Island (USA)
  • South Carolina (USA)
  • South Dakota (USA)
  • Tennessee (USA)
  • Texas (USA)
  • Utah (USA)
  • Vermont (USA)
  • Virginia (USA)
  • Washington (USA)
  • West Virginia (USA)
  • Wisconsin (USA)
  • Wyoming (USA)
  • Austria
  • Denmark
  • France
  • Germany
  • Lithuania
  • Luxembourg
  • Malta
  • Netherlands
  • Poland
  • Portugal
  • Romania
  • Slovakia
  • Slovenia
  • Spain
  • Sweden
  • Switzerland
  • Australia
  • New Zealand
  • Singapore
  • Hong Kong
  • India
  • Malaysia
  • Pakistan
  • United Arab Emirates
  • Qatar
  • Saudi Arabia
  • South Africa
  • Nigeria
  • Canada
  • Brasil
  • Monaco
  • Bermuda
  • Cayman Islands
  • Gibraltar
  • Isle of Man
  • Mauritius

What is a Authorization To Disclose Personal Information?

The Authorization To Disclose Personal Information is a crucial document required in the Philippines whenever personal information needs to be shared between parties. This document becomes necessary in various scenarios, including employment, healthcare, financial services, and educational contexts, where personal data must be transferred or accessed by third parties. It ensures compliance with the Data Privacy Act of 2012 and its implementing rules, which mandate explicit consent for processing personal information. The authorization typically covers details such as the scope of information to be disclosed, intended recipients, purpose of disclosure, and duration of the authorization. It serves as a protective measure for both the data subject and the organizations handling the information, establishing clear boundaries for data sharing while maintaining privacy rights under Philippine law.

Frequently Asked Questions

Is an Authorization To Disclose Personal Information legally binding under Philippine law?

Yes, this document is legally binding in the Philippines under Republic Act No. 10173 (Data Privacy Act of 2012). Once signed, it creates a legal obligation for all parties to comply with the specified terms of data disclosure and processing. The authorization serves as documented proof of consent required by the National Privacy Commission.

Can personal information be shared without this authorization document in the Philippines?

No, sharing personal information without proper authorization violates the Data Privacy Act of 2012. Missing or incomplete authorization can result in penalties for the data controller, including fines up to PHP 5 million and imprisonment. The data subject also loses legal protection and recourse if unauthorized disclosure occurs.

How does Authorization To Disclose differ from a general Data Privacy Consent Form in the Philippines?

Authorization To Disclose is specifically for sharing existing personal data between parties, while a Data Privacy Consent Form covers initial collection and processing of personal information. The authorization is more targeted and temporary, often for specific purposes like background checks or medical referrals, whereas consent forms establish ongoing data processing relationships.

Must the authorization specify exactly which personal information can be disclosed under Philippine law?

Yes, RA 10173 requires that authorizations clearly specify the types of personal information to be disclosed, the purpose of disclosure, and the recipient parties. Blanket or general authorizations are not compliant with Philippine law. The document must be specific about data categories such as employment records, medical information, or financial details.

How long does it take to create a valid Authorization To Disclose Personal Information?

Creating the document typically takes 15-30 minutes using a proper template, but gathering all required information and obtaining signatures may take 1-3 business days. Complex authorizations involving multiple parties or sensitive data categories may require additional review time to ensure compliance with RA 10173 requirements.

Can I revoke an Authorization To Disclose Personal Information after signing it in the Philippines?

Yes, under the Data Privacy Act, you have the right to withdraw consent at any time, though this doesn't affect disclosures made before revocation. The authorization should specify the revocation process, and you must notify all parties in writing. Some exceptions apply where disclosure is required by law or court order.

Are there penalties for using an incomplete Authorization To Disclose Personal Information in the Philippines?

Yes, incomplete authorizations can result in violations of RA 10173, leading to administrative fines from PHP 500,000 to PHP 5 million depending on the nature of the violation. Personal information controllers may also face criminal penalties including imprisonment. Incomplete documents fail to provide legal protection for data processing activities.

Reviewed by

Swetha Meenal

Legal Engineer, GenieAI

Swetha Meenal profile photo

A lawyer, legal researcher and legal tech founder, Swetha has built AI products deployed inside Tier 1 firms and enterprises. She ensures GenieAI's alignment with the latest regulation and executes testing on the legal robustness of Genie output.

LinkedIn

Reviewed by

Imad Mohammed Nazar

Legal Engineer, GenieAI

Imad Mohammed Nazar profile photo

A Skadden-trained M&A lawyer, Imad advised on cross-border transactions and contractual risk before moving into legal AI. He reviews GenieAI's output for compliance and enforceability across our 150+ supported jurisdictions, as well as facilitating external benchmarking.

LinkedIn

Jurisdiction

Philippines

Reviewed by

Swetha Meenal & Imad Mohammed Nazar

Publisher

GenieAI

Category

Release of Information Form

Sector

Business

Cost

Free to use

Last updated

About the Authorization To Disclose Personal Information

An Authorization To Disclose Personal Information is a legal document that grants permission for the sharing of your personal data between parties under Philippine law. This document is essential for ensuring compliance with the Data Privacy Act of 2012 (Republic Act No. 10173), which requires explicit consent before any personal information can be processed, transferred, or disclosed to third parties.

When do you need this document?

You need this authorization whenever your personal information must be shared across different organizations or entities. Common scenarios include employment background checks where employers need to verify your previous work history, medical situations where healthcare providers must share your health records with specialists or insurance companies, and educational transfers where schools need to disclose academic records to other institutions. Financial institutions also require this document when sharing your banking information with loan processors or credit agencies. Government agencies may request this authorization when coordinating services that require inter-agency data sharing, and employers often need it when outsourcing payroll or benefits administration to third-party service providers.

Key legal considerations

The authorization must clearly specify the scope of personal information being disclosed, including whether it involves sensitive personal information such as health records, financial data, or government identification numbers. Under the Data Privacy Act, sensitive personal information requires heightened protection and more explicit consent requirements. The document should identify all parties involved, including the data subject, the disclosing entity (information controller), and the receiving organization. You must specify the exact purpose for disclosure and ensure it aligns with legitimate business or legal needs. The authorization should include time limitations, defining how long the consent remains valid and when the disclosed information must be deleted or returned. Additionally, the document should address your rights as a data subject, including the right to withdraw consent, access disclosed information, and file complaints with the National Privacy Commission if violations occur.

Legal requirements in Philippines

Under Republic Act No. 10173 and its Implementing Rules and Regulations, the authorization must meet specific criteria to be legally valid. The consent must be freely given, specific, informed, and unambiguous, meaning you cannot be coerced into providing authorization and must fully understand what information is being shared and why. The document must comply with NPC Circular No. 16-01 when government agencies are involved, ensuring additional security measures for personal data in government systems. Information controllers and processors must implement appropriate organizational and technical security measures to protect disclosed information during transmission and storage. The authorization must specify data retention periods and destruction procedures once the purpose is fulfilled. Both disclosing and receiving parties must maintain records of the authorization and any subsequent data processing activities. Failure to comply with these requirements can result in administrative fines, criminal liability, and civil damages under the Civil Code of the Philippines, making proper documentation essential for all parties involved.

GOVERNING LAW

Applicable law

This Authorization To Disclose Personal Information is drafted to comply with Philippines law. Key legislation includes:

Republic Act No. 10173 (Data Privacy Act of 2012): The primary legislation governing personal data protection in the Philippines, establishing requirements for processing personal information, rights of data subjects, and obligations of personal information controllers and processors
Implementing Rules and Regulations of the Data Privacy Act of 2012: Detailed regulations that implement the Data Privacy Act, providing specific guidelines on consent requirements, data subject rights, and security measures
NPC Circular No. 16-01: Guidelines on Security of Personal Data in Government Agencies, providing specific requirements for government entities handling personal information
Republic Act No. 386 (Civil Code of the Philippines): Provides the basic legal framework for contracts and obligations, including requirements for valid consent and legal capacity to enter into agreements
Republic Act No. 7394 (Consumer Act of the Philippines): Protects consumer interests and welfare, including provisions related to the protection of consumer information in commercial transactions
NPC Circular No. 2020-03: Guidelines on Data Sharing Agreements, providing requirements and safeguards for sharing personal data between entities

Explore 208,390+ legal templates

Explore 208,390+ legal templates

Genie's Security Promise

Genie is the safest place to draft. Here's how we prioritise your privacy and security.

Your data is private:

We do not train on your data; Genie's AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

We are ISO27001 certified, so your data is secure

Organizational security:

You retain IP ownership of your documents and their information

You have full control over your data and who gets to see it