Data Privacy

NPC, DOH assert data privacy of COVID-19 patients

While encouraging patients to voluntarily submit pertinent information to proper authorities as a way of curbing the spread of the virus that causes COVID-19, the Philippines’ Department of Health (DPH) and the National Privacy Commission (NPC) assert the data privacy of patients.

In a joint statement, the two agencies said they will uphold the Republic Act No. 11332 or the Mandatory Reporting of Notifiable Diseases and Health Events of Public Health Concern Act and the Data Privacy Act of 2012 in processing COVID-19 patient data in pursuit of disease surveillance and response.

“The DOH and NPC stand firm against any form of unbridled disclosure of patients’ personal data to the public that has been proven to cause a real risk of severe harm to patients,” the statement read.


NPC looks into reports of COVID-19 privacy violation incidents

NPC warns ‘social vigilantes’ for threats against medical frontliners


The DOH assured patients that patient data will be shared only to “public health authorities and concerned health care providers for purposes of contact tracing and management of the disease. These personally identifiable data may also be disclosed to other government entities authorized based on DOH guidelines.”

They also reminded concerned authorities and entities of their legal obligation to protect patients’ privacy rights.

“We also remind public health authorities, concerned health care providers, and other government entities to ensure and protect the privacy of COVID-19 patient data and the data privacy rights of the patients. This way, we can help allay the fears of patients on COVID-related physical assaults, harassments, and discrimination, and encourage them to report their symptoms, take confirmatory tests, and submit themselves to treatments by proper authorities.”