Security Privacy Confidentiality of Health Information in the Philippines
SECURITY, PRIVACY, AND CONFIDENTIALITY (SPC) OF HEALTH INFORMATION IN THE PHILIPPINES
DEFINITION OF TERMS
Due to the special nature of health information, the legal and technical aspects of the concepts of security, privacy, and confidentiality (SPC) have a particular meaning in the context of healthcare.
Privacy is the right of an individual to limit access to others to some aspect of their person. A more specific type of privacy is informational privacy (which is the notion of privacy we are most familiar with). Information privacy is the right of a person to determine at what time, in what way, and to what extent information about the person is communicated to others.
Confidentiality refers to the expectation that the information collected will be used for the purpose for which it is granted.
Security is defined as the policies, procedures, mechanisms, tools, technologies and accountability methods to support privacy.
A related concept to SPC specific to healthcare is Protected Health Information. Protected health information, under the US Health Insurance Portability and Accountability Act (HIPAA), is any information about health status, provision of health care, or payment for health care that can be linked to a specific individual. This is interpreted rather broadly and includes any part of a patient’s medical record or payment history. PHI that is linked based on a list of 18 identifiers must be treated with special care according to HIPAA.
LEGAL FRAMEWORK
SPC is enshrined in the Hippocratic Oath :
What I may see or hear in the course of treatment or even outside of the treatment in regard to the life of men, which on no account one must spread abroad, I will keep myself holding such things shameful to be spoken about.
Unfortunately, the Philippines does not currently have a specific law or act that pertains to SPC in healthcare. There are no SPC provisions in the Medical Act of 1959. Thrice in the Senate (by Dadivas, Cayetano, and Revilla), a
DEFINITION OF TERMS
Due to the special nature of health information, the legal and technical aspects of the concepts of security, privacy, and confidentiality (SPC) have a particular meaning in the context of healthcare.
Privacy is the right of an individual to limit access to others to some aspect of their person. A more specific type of privacy is informational privacy (which is the notion of privacy we are most familiar with). Information privacy is the right of a person to determine at what time, in what way, and to what extent information about the person is communicated to others.
Confidentiality refers to the expectation that the information collected will be used for the purpose for which it is granted.
Security is defined as the policies, procedures, mechanisms, tools, technologies and accountability methods to support privacy.
A related concept to SPC specific to healthcare is Protected Health Information. Protected health information, under the US Health Insurance Portability and Accountability Act (HIPAA), is any information about health status, provision of health care, or payment for health care that can be linked to a specific individual. This is interpreted rather broadly and includes any part of a patient’s medical record or payment history. PHI that is linked based on a list of 18 identifiers must be treated with special care according to HIPAA.
LEGAL FRAMEWORK
SPC is enshrined in the Hippocratic Oath :
What I may see or hear in the course of treatment or even outside of the treatment in regard to the life of men, which on no account one must spread abroad, I will keep myself holding such things shameful to be spoken about.
Unfortunately, the Philippines does not currently have a specific law or act that pertains to SPC in healthcare. There are no SPC provisions in the Medical Act of 1959. Thrice in the Senate (by Dadivas, Cayetano, and Revilla), a