PhilHealth

home | contact us | disclaimer | privacy notice


PhilHealth Closed-Circuit Television (CCTV) Privacy Notice

The Philippine Health Insurance Corporation (PhilHealth) is committed to protecting personal data collected through its Closed-Circuit Television (CCTV) systems in compliance with the Data Privacy Act of 2012 and NPC Circular No. 2024- 02 (Guidelines on CCTV Systems).

The Identity of the Personal Information Controller (PIC)

PhilHealth serves as the Personal Information Controller (PIC) responsible for managing CCTV surveillance data within the confines of its Regional Offices and Local Health Insurance Offices (LHIOs).

PhilHealth ensures compliance with data protection standards and implements measures to secure personal data.

Purpose of CCTV Monitoring

The use of CCN systems is justified under Section 12(f) of the Data Privacy Act of 2012, which allows processing of personal information for legitimate purposes related to security and organizational protection.

PhilHealth specifically uses CCTV systems to:

  1. Ensure safety and security: Enhance the protection of employees, clients, and visitors.
  2. Deter and respond to threats: Prevent and investigate incidents such as theft, vandalism, unauthorized access and other threats.
  3. Preserve public trust: Safeguard government property and maintain a secure environment for public service.

***CCTV surveillance is conducted strictly for security purposes and not for any unrelated processing activities.

Description or Nature of the Personal Data to Be Processed

PhilHealth's CCTV systems collect the following types of personal data:

Visual recordings of individuals within monitored areas, including employees, clients, visitors, and passersby.

CCTV systems are configured to capture video only and do not collect audio recordings.

Extent and Scope of Surveillance

Surveillance is limited to common and public areas such as entrances, exits, hallways, reception areas, waiting rooms, and parking spaces.

Retention of Footage

Recorded data shall be deleted after ___ days, unless an extended retention period is required to address ongoing security concerns or investigations.

Capabilities of the CCTV Systems

CCTV systems capture high-definition video recordings.

Rights of the Data Subject

As a data subject, you have the following rights under the Data Privacy Act of 2012:

  1. Right to Be lnformed
    You have the right to know how your personal data is collected, processed, and stored through PhilHealth's CCTV systems. This Privacy Notice serves to inform you of the purpose, scope, and duration of CCTV monitoring activities.

  2. Right to Access
    Access to personal data captured by CCTV systems, including footage involving the individual, may be requested through proper procedures of verification and applicable legal requirements.

  3. Right to Object
    You may object to the processing of your personal data based on legitimate interest or other lawful grounds, provided such objections do not undermine lawful security measures or other valid purposes of CCTV monitoring.

  4. Right to Rectification
    Errors or inaccuracies in the personal data processed through CCTV systems can be contested and corrected as appropriate.

  5. Right to Erasure or Blocking
    Requests for the removal, blocking, or destruction of personal data may be made when the processing is unlawful or no longer necessary for security purposes.

  6. Right to Damages
    Compensation for harm resulting from Inaccuracies, unauthorized processing, or misuse of CCTV data can be claimed in accordance with relevant laws.

  7. Right to Data Portability
    Personal data may be obtained in a structured, electronic format where applicable.

  8. Right to File a Complaint
    Complaints regarding the processing of personal data can be submitted to PhilHealth's Data Protection Officer (DPO) or the National Privacy Commission (NPC) for resolution.

    These rights ensure the protection of your personal data while balancing PhilHealth's legitimate interest in using CCTV systems for security and safety purposes.

    To exercise your rights, submit a written request to PhilHealth's DPO, following the procedure outlined in the Data Privacy Act of 2012 and applicable NPC Circulars.
Notice to Visitors

By entering PhilHealth Regional Offices or its Local Health Insurance Offices (LHIOs), individuals acknowledge the use of CCTV surveillance and the terms of this Privacy Notice.

Contact Information

For inquiries, requests, or complaints, you may contact:

DATA PROTECTION OFFICER

(02) 8441-7444 local 7425
Hotline: (02) 866-225-88

Email: privacy.dpo@philhealth.gov.ph