As several reports on attacks and discrimination against people suspected of having contracted the virus that causes COVID-19 mount, the Philippine Medical Association and Philippine College of Surgeons, and the Integrated Bar of the Philippines called on people under investigation and people under monitoring to “voluntarily” waive confidentiality.
The Philippines’ National Privacy Commission responded with a statement reiterating data privacy rights stating certain provisions in the law that “allow for contact tracing, treating patients, and addressing threats while guaranteeing the privacy that COVID-19 positive patients, PUIs, and PUMs.”
“The Data Privacy Act of 2012 (DPA) is not a hindrance to the COVID-19 response,” the commission said.
Have you read “NPC warns ‘social vigilantes’ for threats against medical frontliners“?
The statement mentioned the role of the Department of Health (DOH) in determining if “sharing medical information of individuals to private health institutions is consistent with the provisions of RA 11332 and other applicable protocols in a pandemic.”
Republic Act No. 11332 (An Act Providing Policies and Prescribing Procedures on Surveillance and Response to Notifiable Diseases, Epidemics, and Health Events of Public Health Concern) mandates patients, PUIs, and PUMs to be fully transparent and truthful to the Department of Health (DOH), our hospitals, and other pertinent public authority on the personal data (travel and medical history, etc.) requested from them. Such information will be material for health and local institutions to treat them and/or properly contain the spread of the infectious disease in a timely manner.
Provisions in RA 113322 state that authorities can penalize with imprisonment of fines patients from withholding required information.
Health information protocols
“The DOH has set management protocols requiring every health institution to triage patients in emergency rooms according to their conditions. These protocols are in place and designed to keep our health workers safe,” the NPC’s statement said.
It also affirms its earlier statement that government units should only collect basic and necessary details from citizens and whatever is gathered must be dealt with utmost data security.
“If a patient, PUI, or PUM himself or herself would want to disclose such information, as what some public figures have done, that is their personal choice,” NPC said. “On seeking consent, the DPA requires consent to be freely given, specific, and an informed indication of will that they indeed agree to the public disclosure. Informed consent requires that these patients, PUIs, or PUMs have been made aware of the risks that may arise from the disclosure, including the risk of being subjected to violent physical attacks as some COVID positive patients and their family members have experienced according to news reports.”
NPC further stressed that rules on patient privacy must be upheld “even in times of calamity or a state of a public health emergency.”