PhilHealth

home | contact us | sitemap | disclaimer | privacy notice


Privacy Notice for Applicants and Employees

In carrying out its mandate under Republic Act (RA) No. 7875, as amended by RAs 9241 and 10606, which relates to the administration of the National Health Insurance Program (NHIP), the Philippine Health Insurance Corporation (“PhilHealth or “We”) collects and processes personal data. It does so in a manner that is consistent with the provisions of RA 10173, also known as the Data Privacy Act of 2012 (DPA).

PhilHealth commits to secure and keep confidential all its collected data. It also aims to uphold the fundamental rights to privacy of all individuals especially applicants and employees.

When Do We Collect Data

We collect personal data when you signify your interest to apply in any of the vacant positions in the Corporation, during your employment, and even before separation from service.

What Personal Data Do We Collect

We collect personal data which include, but are not limited to, applicant’s or employee’s personal information like name, age, sex, date of birth, email address, contact details, government-issued ID numbers, signature, family background, educational background, work experience, voluntary work or involvement in civic/non-government/trainings programs attended, learning and development interventions/training programs attended, character references and medical records. If you supply us with personal data of other individuals (e.g., person to contact in the event of an emergency), we will request you to certify that you have obtained the consent of such individuals before providing us with their personal data. Applicant’s data are collected for purposes of processing their application for employment and shall be retained by the corporation until such time that vacancy for the position applied for is filled-up.

Where Do We Get Personal Data

We collect personal data from the documents you submit which include, but are not limited to, Personal Data Sheet, Certificate of Employment, Statement of Assets, Liabilities and Networth, performance scorecards, medical records, and other documents as may be required by Human Resources Department (HRD) upon application, during employment, and before separation from service. There will also be times when we will acquire other forms of data like pictures or videos of activities you participate in, via official documentation of such activities, or through recordings from closed-circuit security television (CCTV) cameras installed within PhilHealth premises.

How We Use Personal Data

To the extent permitted or required by law, we use your personal data to pursue our legitimate interests as a health insurance corporation, employer, and/or contracting party, including a variety of administrative, research, historical and statistical purposes. For example, we may use the information we collect for purposes such as:

  1. 1. identifying applicants and processing their respective applications;
  2. 2. assessing the suitability of candidates for a particular position;
  3. 3. verifying the provided or submitted information;
  4. 4. checking background information;
  5. 5. evaluating academic qualifications;
  6. 6. administering remuneration, payroll, pension and other standard employment functions;
  7. 7. administering human resource-related processes, including those related to performance management and disciplinary issues;
  8. 8. delivering or providing facilities, services, security and staff benefits to employees;
  9. 9. facilitating claims and remittances for mandatory benefits;
  10. 10. supporting human resource learning and development, health, safety and welfare requirements;
  11. 11. compiling statistics and conducting surveys and research for internal and statutory reporting purposes;
  12. 12. upon separation, processing his/her personal data for the exit interview and to prepare his/her final pay;
  13. 13. providing assistance to, and account for, employees in case of emergency; and
  14. 14. performing such other processing or disclosure permitted or required by law.

We will not, under any circumstance, subject your personal data to any automated decision-making process without your prior consent or any authority granted by law.

Security of Personal Data

We have established necessary and appropriate physical, technical and organizational security measures to protect the personal data we collect and process. These safeguards are regularly reviewed and updated to ensure that they are constantly at par with international and industry standards. Access to your personal data is limited to authorized PhilHealth employees only and, on occasion, to third-party service providers who are required to implement security measures, provided, that a Non-Disclosure Agreement has been executed between PhilHealth and the third party.

How We Share or Disclose Personal Data

To the extent permitted or required by law, we may also share or disclose your personal data to other persons or organizations in order to uphold your interests and pursue ours when administering the NHIP. Among those reasons we share personal data are, as follows:

  1. 1. submission of relevant information to government agencies such as Civil Service Commission (CSC), Government Service Insurance System (GSIS), Pag-IBIG and Bureau of Internal Revenue (BIR) for the provision of employment benefits mandated by law, subject to the data sharing agreement to be executed by the contracting parties;
  2. 2. sharing of necessary information to contracted providers such as banks and other similar organizations, in relation to any or all of your loan applications and insurance claims subject to another Non-Disclosure Agreement between PhilHealth and respective banks or institutions; and
  3. 3. other purposes, when necessary and under circumstances permitted or required by law.
How We Retain and Dispose the Personal Data

As a general rule, we dispose of or delete collected data in accordance with the period prescribed by the National Archives of the Philippines and PhilHealth policies.

Rights of Data Subjects

Individuals whose personal data we collect are accorded rights by the DPA as data subjects. They may invoke such rights at any time, in accordance with the provisions of the law.

Changes to this Policy

This Privacy Notice becomes effective beginning on August 2, 2019 until subsequently amended. Revisions become effective immediately after being posted in areas visible to applicants and including PhilHealth’s website. PhiHealth shall also avail of other opportunities to communicate such changes.

Contact Information

If you have feedback, questions, complaints or other concerns regarding this Privacy Notice or PhilHealth’s data processing operations, you may relay them to us via our Data Protection Officer using the information below:

DATA PROTECTION OFFICER

(02) 441-7444 local 7493
Email: privacy.dpo@philhealth.gov.ph