In carrying out its mandate under Republic Act (RA) No. 7875, as amended by RAs 9241 and 10606, which relates to the administration of the National Health Insurance Program (NHIP), the Philippine Health Insurance Corporation (herein referred to as “PhilHealth or “We”) collects and processes personal data. It does so in a manner that is consistent with the provisions of RA 10173, also known as the Data Privacy Act of 2012 (DPA).
PhilHealth commits to secure and keep confidential all its collected data. It also aims to uphold the fundamental right to privacy of all individuals they pertain to, especially suppliers and consultants, as applicable.
We collect, acquire or generate your personal data in many forms. They may consist of written records, photographic and video images, digital material. Examples include:
If you supply us with personal data of other individuals (e.g., person to contact in the event of an emergency), we will request you to certify that you have obtained the consent of such individuals before providing us with their personal data.
To the extent permitted or required by law, we use your personal data to pursue our legitimate interests as a health insurance corporation, employer, and/or contracting party, including a variety of administrative, research, historical and statistical purposes. For example, we may use the information we collect for purposes such as:
We will not, under any circumstances, subject your personal data to any automated decision-making process without your prior consent or any authority granted by law.
We have established necessary and appropriate physical, technical and organizational security measures to protect the personal data we collect and process. These safeguards are regularly reviewed and updated to ensure that they are constantly at par with international and industry standards. Access to your personal data is limited to authorized PhilHealth personnel and, on occasion, third-party service providers who are required to implement security measures that are similar to or better than our own.
To the extent permitted or required by law, we may also share or disclose your personal data to other persons or organizations in order to uphold your interests and pursue ours when administering the NHIP. Among those reasons we share personal data are, as follows:
As a general rule, we dispose of or delete collected data in accordance with the period prescribed by applicable laws, or on occasion, PhilHealth Policy.
Individuals whose personal data we collect are accorded rights by the DPA as data subjects. They may invoke such rights at any time, in accordance with the provisions of the law.
This Privacy Notice becomes effective beginning on March 29, 2019 until subsequently amended. Revisions become effective immediately after being posted in areas visible to suppliers and including PhilHealth’s website. PhiHealth shall also avail of other opportunities to communicate such changes.
If you have feedback, questions, complaints or other concerns regarding this Privacy Notice or PhilHealth’s data processing operations, you may relay them to us via our Data Protection Officer using the information below:
(02) 8441-7444 local 7425
Callback Channel: 0917-8987442 (PHIC)
Text "PHICcallback [space] Mobile No. or Metro
Manila landline [space] details of your data privacy
concern" and we will call you during office
hours, weekdays only.
Callback requests will expire after 72 hours
Email: privacy.dpo@philhealth.gov.ph