PhilHealth

home | contact us | disclaimer | privacy notice


Privacy Notice for Suppliers and Consultants

In carrying out its mandate under Republic Act (RA) No. 7875, as amended by RAs 9241 and 10606, which relates to the administration of the National Health Insurance Program (NHIP), the Philippine Health Insurance Corporation (herein referred to as “PhilHealth or “We”) collects and processes personal data. It does so in a manner that is consistent with the provisions of RA 10173, also known as the Data Privacy Act of 2012 (DPA).

PhilHealth commits to secure and keep confidential all its collected data. It also aims to uphold the fundamental right to privacy of all individuals they pertain to, especially suppliers and consultants, as applicable.

Personal Data We Collect

We collect, acquire or generate your personal data in many forms. They may consist of written records, photographic and video images, digital material. Examples include:

  1. 1. Information you provide prior to your engagement. When you bid for a certain project, we ask for your personal data through the Request for Quotation, Bid Forms, Statement of all Ongoing Government and Private Contracts including Contracts awarded but not yet started, Statement of Single Largest Completed Contract, resume of consultants or personnel involved in the implementation of certain projects, DTI/SEC/CDA Registration, valid and current Mayor’s Permit/Business License, Tax Clearance Certificate issued by BIR and Certificate of PhilGEPS registration.

  2. 2. Information we collect or generate upon commencement of your engagement. Once you agree to the terms of engagement, we will collect another set of information, but not limited to the following: (1) Performance record of the supplier in providing goods, civil works or consulting services to government, i.e., if the supplier/contractor/consultant is currently suspended or blacklisted; (2) Relationship by consanguinity or affinity between supplier and PhilHealth officers, as revealed in articles of incorporation; (3) Compliance of the supplier to professional and labor laws and standards as may be revealed upon generation of data from: PhilHealth, Social Security System, Home Development Mutual Fund, Department of Labor and Employment (as may be applicable) and the Professional Regulation Commission (4) Performance Security Bond; and (5) Non Disclosure Agreement.

  3. 3. Information we collect or generate during the engagement with PhilHealth. After you engage with PhilHealth, we may also collect additional information about you when we will acquire other forms of data like pictures or videos of activities you participate in, via official documentation of such activities, or through recordings from closed-circuit security television cameras installed within PhilHealth premises.

If you supply us with personal data of other individuals (e.g., person to contact in the event of an emergency), we will request you to certify that you have obtained the consent of such individuals before providing us with their personal data.

How We Use Personal Data

To the extent permitted or required by law, we use your personal data to pursue our legitimate interests as a health insurance corporation, employer, and/or contracting party, including a variety of administrative, research, historical and statistical purposes. For example, we may use the information we collect for purposes such as:

  1. 1. Identifying bidders and processing their respective bids;
  2. 2. Assessing the suitability in providing goods or services;
  3. 3. Verifying the provided or submitted information;
  4. 4. Evaluating qualifications;
  5. 5. Administering remuneration and payment for goods or services rendered;
  6. 6. Compiling statistics and conducting surveys and research for internal and statutory reporting purposes; and
  7. 7. Perform such other processing or disclosure permitted or required by law.

We will not, under any circumstances, subject your personal data to any automated decision-making process without your prior consent or any authority granted by law.

Security of Personal Data

We have established necessary and appropriate physical, technical and organizational security measures to protect the personal data we collect and process. These safeguards are regularly reviewed and updated to ensure that they are constantly at par with international and industry standards. Access to your personal data is limited to authorized PhilHealth personnel and, on occasion, third-party service providers who are required to implement security measures that are similar to or better than our own.

How We Share or Disclose Personal Data

To the extent permitted or required by law, we may also share or disclose your personal data to other persons or organizations in order to uphold your interests and pursue ours when administering the NHIP. Among those reasons we share personal data are, as follows:

  1. 1. Submission of information to government agencies such as PhilGEPS for transparency of bids and award notices and Bureau of Internal Revenue for taxes remittance; and
  2. 2. Other purposes, when necessary and under circumstances permitted or required by law.
How We Retain and Dispose the Personal Data

As a general rule, we dispose of or delete collected data in accordance with the period prescribed by applicable laws, or on occasion, PhilHealth Policy.

Rights of Data Subjects

Individuals whose personal data we collect are accorded rights by the DPA as data subjects. They may invoke such rights at any time, in accordance with the provisions of the law.

Changes to this Policy

This Privacy Notice becomes effective beginning on March 29, 2019 until subsequently amended. Revisions become effective immediately after being posted in areas visible to suppliers and including PhilHealth’s website. PhiHealth shall also avail of other opportunities to communicate such changes.

Contact Information

If you have feedback, questions, complaints or other concerns regarding this Privacy Notice or PhilHealth’s data processing operations, you may relay them to us via our Data Protection Officer using the information below:

DATA PROTECTION OFFICER

(02) 8441-7444 local 7425
Callback Channel: 0917-8987442 (PHIC)
Text "PHICcallback [space] Mobile No. or Metro Manila landline [space] details of your data privacy concern" and we will call you during office hours, weekdays only.

Callback requests will expire after 72 hours

Email: privacy.dpo@philhealth.gov.ph