DATA PRIVACY NOTICE
Metro Davao Medical and Research Center Inc. (MDMRCI), stores and uses large amounts of personal data every day, such as medical records, personal records and computerized information. This data is used by many people in the course of their work.
The purpose of our Privacy Notice is to clearly communicate to you how MDMRCI handles your personal information. It will give you a better and more complete understanding of the type of personal information that the hospital holds about you and the way the hospital handles that information. By availing of the services provided by MDMRCI, you signify your acceptance of this policy and terms of services.
OUR SERVICE
The Metro Davao Medical and Research Center Inc (MDMRCI) is committed to be a trusted family-centered health and wellness institution for all its patients. Concomitant duty is the duty to safeguard the fundamental human right to privacy, uphold the rights of data subjects and adhere to the general data privacy principles of transparency, legitimate purpose and proportionality consistent with the requirements of the Data Privacy Act of 2012, its Implementing Rules and Regulations, National Privacy Commission issuances, and other relevant laws, rules and regulations.
WHAT PERSONAL INFORMATION ARE BEING COLLECTED FROM YOU?
MDMRCI collects personal information from various forms and sources depending upon the services you avail but which may include but not limited to the following:
- Hospital
As a hospital, the specific personal information that we will collect from you includes but is not necessarily limited to your name, age, birthdate, sex, civil status, home/office address, contact details, e-mail address, race, religion, mother’s and father’s details, spouse’s details, sexual life, your health information including medical diagnosis, biometrics (such as height and weight) biological information (blood type), medical history, vital signs, medicine intake, medical results of X-rays, Ct scans, laboratory results and other diagnostic procedures, medical procedures conducted, and government identification numbers (SSS, Pag-Ibig, PhilHealth, GSIS and other insurance details).
Additional information such as occupation, income, physical/mental disabilities or limitations, medical conditions, ethnic origin and the like are likewise collected for the classification of patients and availment of Medical Social Services.
Also, as part of the hospital measure to protect patient’s confidentiality, a unique numerical identifier referred to as the Patient ID number is assigned to every patient and client availing of the services.
- Training
As a training institution and/or base hospital, we collect personal information from our trainees, interns, clerks, and on-the-job trainees such as the names and educational background, school or organization affiliation and other information we obtained through interviews, medical information upon consultation to our clinics, incidents that have disciplinary sanctions (e.g. violation of the MDMRCI rules and regulations), pictures and videos of activities you have participated as official documentation and closed-circuit television (CCTV) recordings in the MDMRCI premises.
- Research
Upon submission of research papers, personal information collected in our registration and application form includes the principal investigator and team member(s) names, home/business address, educational background and contact details such as email address, mobile and telephone number.
- Human Resource Management
Personal information collected as part of our recruitment and selection process include the applicant(s) name, age, sex, city and provincial address, date and place of birth, civil status, religion, height, weight, dialects and language spoken, hobbies, contact information (telephone, mobile phone number and email address), family members background details (name of the parents and sibling(s), name of the mother and father-in-law, age, date of birth, their occupation), educational attainment (elementary to college, post-graduate course, seminars and studies attended), government identification numbers (SSS, Pag-Ibig, PhilHealth, PRC license number), working experience(s) and character reference(s).
- Security
Upon entry and exit of MDMRCI, we require you to deposit a proof of identity (ID) for verification purposes. For those with vehicles, we take note of your vehicle plate number.
MDMRCI is equipped with CCTV cameras to help us ensure safety and security of the patients, the employees and the establishment.
HOW AND WHY DO WE COLLECT YOUR PERSONAL INFORMATION?
We collect and use your personal information only to the extent allowed by law and existing rules and regulations. This includes primarily to pursue our legitimate interests as a training and research healthcare institution, specifically as:
- Hospital
We use your information in relation to the healthcare services we provide and ensure that appropriate treatment will be made to you as our patient. We also use your information to process PHIC claims or Insurance claims, availment of Medical Social Services, process payments and hospital bills, collect unpaid accounts, comply with hospital and department accreditation and comply with all regulatory and legal requirements including court orders and statutory mandate like reporting of communicable diseases.
- Training
We use the information to process the trainee’s admission, to validate their identity and to determine the area where they may be assigned for training purposes.
- Research
We collect the information mainly to identify, supervise, coordinate and monitor the implementation of MDMRCI research programs.
- Human Resource Development
We collect your personal information mainly to determine the applicant(s) eligibility for employment or promotion including the verification of qualifications and for background checking. Personal information is likewise collected for the processing of salaries or compensation, statutory deductions, entitlements and benefits.
- Security
We collect the information mainly as a security measure. CCTV cameras serve as a deterrent for the commission of offense in the premises and may help us in the conduct of investigation, if any. Data may be useful likewise for planning, policy-making and service improvement purposes.
DO WE SHARE YOUR PERSONAL INFORMATION WITH OTHER INSTITUTIONS?
Yes. We share your personal and health information to confirm, bill and receive payment for health care services that we or others provide to you. This includes submission of your health information to receive payment from Philhealth, your health maintenance organization (HMO), insurance company, or other party that pays for some or all of your health care or to verify that your payor will pay for your health care. We may also tell your payor about a treatment you are going to receive to determine whether your payor will cover the treatment. For certain services, if your permission is needed to release health information to obtain payment, you will be asked for permission.
In cases of non-payment, your personal and health information will be sent to legal services for collection purposes who may conduct credit investigations and send demand letters to collect payment for services rendered to you.
We also share your data to the Department of Health which requires submission of relevant personal information of patients with certain non-communicable and/or communicable disease, injuries, etc. for purposes of disease surveillance pursuant to a law.
In some instances, sharing of personal information is necessary when ordered lawfully to do so by a court of competent jurisdiction or an agency pursuant to a subpoena.
We may also share personal information with our service providers, other healthcare institutions, partner schools and related entities who provide products and services to realize the legitimate purpose as a healthcare institution.
HOW DO WE PROTECT YOUR PERSONAL INFORMATION? HOW LONG WILL WE STORE YOUR DATA?
We guarantee that only authorized personnel have access to your personal information in our files.
We have likewise instituted reasonable and appropriate physical, technical, and organizational measures to protect your personal data against unauthorized processing, access or disclosure, accidental loss or improper disposal, including access due to negligence.
We store your personal data in accordance with period guidelines and limitations provided by the National Archives of the Philippines and the Department of Health for retention of medical records.
How can you contact us?
If you have any inquiries and /or concerns regarding your personal information, you may contact our Data Privacy Officer thru the following contact details:
Data Protection Officer
Tel #: (082) 287-7777 local 8800
Email address: mdmrci.qaofficer@gmail.com
You may also wish to contact the National Privacy Commission with the following details:
National Privacy Commission
5th Floor Delegation Building, PICC Complex, Roxas Boulevard
Trunkline No.: 8234-222
Email address: privacy.gov.ph