One of the major issues a healthcare professional, and even a patient faces in the healthcare setting is privacy, and security of data being collected, shared, and used – such scenario are not only applicable in the hospital setting, but even in community or research.
Although every healthcare professional has swore an oath that put emphasis on the privacy, confidentiality, and security of data of every patient or procedure that they will be handling, they are still pressed with such issue due to inappropriate handling of information, causing the integrity of some healthcare professional to be tainted.
Protection of such data is important as this may potentially harm a patient if not handled properly. Currently, we have the ff that protect patient’s right to privacy, confidentiality, and security:
- Bill of Rights in our 1987 Constitution
- Republic Act 10175 or Cybercrime Prevention Act of 2012
- Republic Act 10173 or Data Privacy Act of 2012
- Philippine Medical Association of Ethics
- Magna Carta of Patient’s Bill of Rights and Obligations
Bill of Rights – 1987 Constitution. Article 3, Section 3:
“ The privacy of communication an correspondence shall be inviolable except upon lawful order of the court, or when public safety or order requires otherwise, as prescribed by law.”
Republic Act 10175: Cybercrime Prevention Act of 2012. Chapter II, Section 4:
The following acts constitute the offense of cybercrime punishable under this Act: (a) Offenses against the confidentiality, integrity and availability of computer data and systems: (1) Illegal Access. – The access to the whole or any part of a computer system without right. (2) Illegal Interception. – The interception made by technical means without right of any nonpublic transmission of computer data to, from, or within a computer system including electromagnetic emissions from a computer system carrying such computer data. (3) Data Interference. — The intentional or reckless alteration, damaging, deletion or deterioration of computer data, electronic document, or electronic data message, without right, including the introduction or transmission of viruses. …”
Republic Act 10173: Data Privacy Act of 2012. Section 13 & 19:
“Section 13. Sensitive Personal Information and Privileged Information. The processing of sensitive personal information and privileged information shall be prohibited, …except in the following instances: data subject consent; existing laws and regulations; to protect the life and health of data subject; lawful and noncommercial objectives of public organizations and associations; medical treatment; protection of lawful rights and interest of natural or legal person in court proceedings; or the establishment, exercise, or defense of legal claims; or, when provided to governments or public authority.”
Sec 19. Non Applicability. The …preceding sections are not applicable if the processed personal information are used only for the needs of scientific and statistical research….the personal information shall be held under strict confidentiality and …used only for the declared purpose.
The Philippine Medical Association’s (PMA) Code of Ethics. Article 2:
“Section 6. The physician should hold as sacred and highly confidential whatever may be discovered or learned pertinent to the patient even after death, except when required in the promotion of justice, safety and public health.”
The Magna Carta of Patient’s Bill of Rights and Obligations
“Right To Privacy and Confidentiality–The patient has the right to privacy and protection from unwarranted publicity. The right to privacy shall include the patient’s right not to be subjected to exposure, private or public, either by photography, publications, video-taping, discussion, or by any other means that would otherwise tend to reveal his person and identity and the circumstances under which he was, he is, or he will be, under medical or surgical care or treatment. … All identifiable information about a patient’s health status, medical condition, diagnosis, prognosis and treatment, and all other information of a personal kind, must be kept confidential even after death. Provided, That descendants may have a right of access to information that will inform them of their health risks. All identifiable Patient data must also be protected. The protection of the data must be appropriate as to the manner of its storage. Human substance from which identifiable data can be derived must be likewise protected.
Confidential information can be disclosed in the following cases: i. When the patient’s medical or physical condition is in controversy in a court litigation and the court, in its discretion, orders the patient to submit to physical or mental examination of a physician; ii. When public health or safety so demands; iii. When the Patient, or in his incapacity, his/her legal representative, expressly gives the consent; iv. When the patient’s medical or surgical condition is discussid in a medical or scientific forum for expert discussion for I his/her benefit or for the advancement of science and 6 medicine, Provided however, That the identity of the Patient should not be revealed; and v. When it is otherwise required by law.”
- http://www.senate.gov.ph/lisdata/1597713214!.pdf. Accessed November 26, 2014.