An organization of data protection officers in the country has thrown its support behind the National Privacy Commission (NPC), which maintained that patients should not wave their privacy rights regarding their health status.
Earlier, the Integrated Bar of the Philippines (IBP), the Philippine Medical Association (PMA), and the Philippine College of Surgeons (PCS) made a joint plea for patients to voluntarily waive the confidentiality of their medical condition and inform those they have been in close contact with.
In a statement on Tuesday, April 7, the National Association of Data Protection Officers of the Philippines (NADPOP) said it agrees with the statement of NPC “that authorities and institutions should collect only what is necessary and share information only to the proper authority.”
“NADPOP believes that there’s no conflict with the Data Privacy Act of 2012 (DPA) and Republic Act. No. 11332 (An Act Providing Policies and Prescribing Procedures on Surveillance and Response to Notifiable Diseases, Epidemics, and Health Events of Public Health Concern) as far as using personal information for contact tracing is concerned,” said Sam Jacoba, NADPOP founding president.
Jacoba said his group concurs with the NPC’s position that it should be the sole discretion of a Covid-19 patient, PUI (person under investigation) or PUM (person under monitoring) whether or not to disclose his or her health information.
“At the end of the day, authorities should not force patients, PUIs or PUMs to waive their right to privacy, but should instead set up security measures to protect those whose privacy has already been disclosed or compromised.” Jacoba added.
With government authorities developing contact tracing information systems and applications, Jacoba also sought the assistance of privacy and cyber-security professionals to help ensure the confidentiality of sensitive personal information.
“This should also be done for those systems that collect personal information to provide aid to disadvantaged members of society, as well as those raising funds for hospitals and front-liners,” Jacoba stated.
The privacy group warned that various databases containing sensitive personal information that are emerging recently could become easy targets for hackers and other bad elements. “It is thus imperative for data privacy and security professionals to be more vigilant by helping the review of these data systems and helping those managing them to institutionalize data protection measures,” Jacoba declared.