PhilHealth

home | contact us | sitemap | disclaimer | privacy notice


Privacy Notice for Members and
Health Care Professionals

In carrying out its mandate under Republic Act (RA) No. 7875, as amended by RAs 9241 and 10606, which relates to the administration of the National Health Insurance Program (NHIP), the Philippine Health Insurance Corporation (“PhilHealth or “We”) collects and processes personal data. It does so in a manner that is consistent with the provisions of RA 10173, also known as the Data Privacy Act of 2012 (DPA).

PhilHealth commits to secure and keep confidential all its collected data. It also aims to uphold the fundamental right to privacy of all individuals they pertain to, especially PhilHealth members and their dependents and health care professionals.

Personal Data We Collect

We collect data that are necessary to fulfill our functions and activities relative to the implementation of the NHIP when you:

  1. 1. fill out any of our forms, either electronically or manually;
  2. 2. register in and use our online services;
  3. 3. avail PhilHealth benefits; and
  4. 4. contact us via phone, email or any other means.

They include, but are not limited to, member’s name, age, sex, date of birth, email address, contact details, health information, employment details, government-issued ID numbers, signature, and details about his or her dependents (spouse, children, and parents). Additional information are collected from health care professionals in relation to their residency training and medical affiliations. CCTV camera footages of both PhilHealth personnel and visitors are also recorded within our office premises.

You may visit https://www.philhealth.gov.ph/privacy/ to read the Privacy Notice, specific to our website.

How We Use Personal Data

In accordance with our mandate to implement the NHIP, we may use and process collected personal data for any or all of the following purposes:

  1. 1. to process member registration;
  2. 2. to process accreditation registration;
  3. 3. to process the payment of premiums;
  4. 4. to process reimbursement of benefit and claims;
  5. 5. to establish and maintain PhilHealth database and records;
  6. 6. to investigate incidents that involve PhilHealth-accredited health care professionals or facilities;
  7. 7. to compile and generate reports for statistical and research purposes;
  8. 8. to relay or communicate queries, clarifications and official announcements; and
  9. 9. to accomplish other compatible purposes allowed by law.

We will not, under any circumstances, subject your personal data to any automated decision-making process without your prior consent or any authority granted by law.

Security of Personal Data

We have established necessary and appropriate physical, technical and organizational security measures to protect the personal data we collect and process. These safeguards are regularly reviewed and updated to ensure that they are constantly at par with international and industry standards. Access to your personal data is limited to authorized PhilHealth personnel and, on occasion, third-party service providers who are required to implement security measures that are similar to or better than our own.

How We Share or Disclose Personal Data

To the extent permitted or required by law, we may also share or disclose your personal data to other persons or organizations in order to uphold your interests and pursue ours when administering the NHIP. Among those reasons we share personal data are, as follows:

  1. 1. to provide 24/7 call center service when addressing issues and concerns of members, health care professional, and health care providers;
  2. 2. to facilitate the remittance of premiums through Accredited Collecting Agents, like banks;
  3. 3. to conduct research or surveys for purposes of institutional development;
  4. 4. to report and/or disclose information to the National Privacy Commission (NPC) and other government agencies, when so required or allowed by law; and
  5. 5. to comply with court orders, subpoenas, and or other legal obligations.
How We Retain and Dispose the Personal Data

As a general rule, we dispose of or delete collected data in accordance with the period prescribed by applicable laws, or on occasion, PhilHealth policy. Sometimes, we retain relevant personal data for historical and statistical purposes.

Rights of Data Subjects

Individuals whose personal data we collect are accorded rights by the DPA as data subjects. They may invoke such rights at any time, in accordance with the provisions of the law.

On the other hand, if there are inaccuracies in their records that need to be corrected or updated, members must notify PhilHealth immediately through any of its Local Health Insurance Offices or Branches.

Changes to this Notice

This Privacy Notice becomes effective on March 29, 2019 until subsequently amended. Revisions become effective immediately after being posted in areas visible to applicants and members, including PhilHealth’s website. PhiHealth shall also avail of other opportunities to communicate such changes.

Contact Information

If you have feedback, questions, complaints or other concerns regarding this Privacy Notice or PhilHealth’s data processing operations, you may relay them to us via our Data Protection Officer using the information below:

DATA PROTECTION OFFICER

(02) 8441-7444 local 7425
Callback Channel: 0917-8987442 (PHIC)
Text "PHICcallback [space] Mobile No. or Metro Manila landline [space] details of your data privacy concern" and we will call you during office hours, weekdays only.

Callback requests will expire after 72 hours

Email: privacy.dpo@philhealth.gov.ph