Document Details

Uploaded by Deleted User

Rafael Alexis Resurreccion

Tags

data privacy health informatics information rights Philippines

Summary

This document discusses data privacy, specifically the rights related to personal data. It outlines the concepts of informed consent, access, rectification, and the right to object to the processing of personal data. It includes considerations for healthcare data breaches and the proportionality of data processing.

Full Transcript

HEALTH INFORMATICS 08/31/2024. MOD 2: DATA PRIVACY Rafael Alexis Resurr...

HEALTH INFORMATICS 08/31/2024. MOD 2: DATA PRIVACY Rafael Alexis Resurreccion, MD, FPCS Trans Group/s: 3B I. INTRODUCTION 7 Right to Rectify Technology and innovation have made communication and our way of life faster and easier, but if our personal 8 Right to Data Portability data and privacy have been compromised, it could affect not only our personal and social life, but also pose an impact on our finances. A. THE RIGHT TO BE INFORMED For example, we post our daily routine, vacation, and Personal data is not to be collected, processed, or shopping on social media. You registered your personal stored without an explicit consent data to be able to obtain this free item. Sometimes, your personal data are passed to different companies for B.THE RIGHT TO ACCESS profiling, or what they call direct marketing. But what if it The right of the individual to have reasonable access was used for something else? to his personal data, the manner in which this was This is where the Republic Act of 2012 comes in. obtained and processed, and the identity of the personal information controller II. RA NO. 10173: DATA PRIVACY ACT OF 2012 The Congress of the Philippines passed the Republic C. THE RIGHT TO OBJECT Act No. 10173 in 2012 Right of the individual to object to processing of Also known as the Data Privacy Act (DPA) of 2012 personal data Protects individuals from unauthorized processing Individuals have the absolute right to stop their data of personal information that is private — NOT from being used for direct marketing publicly available and identifiable Individuals must be informed of their right to object An individual can make an objection verbally or in writing 3 KEY ELEMENTS DATA Any individual who is the D. THE RIGHT TO ERASURE AND BLOCKING 1 Also known as the RIGHT TO BE FORGOTTEN SUBJECT source to obtain information Right to suspend, withdraw, or order the blocking or destruction of one’s personal data Determines the purpose and Individuals can make a request for erasure verbally or the manner for which the in writing personal data is processed DATA He/she is the actual 2 INFORMATION E. THE RIGHT TO DAMAGES beneficiary of the data CONTROLLER One may claim compensation if they suffered Task: control, review, compare, and aggregate web damages due to inaccurate, incomplete, outdated, analytics data false, or unlawfully obtained personal data Any individual or legal entity F. THE RIGHT TO FILE A COMPLAINT DATA subcontracted by the If one’s personal information has been misused, 3 maliciously disclosed, or improperly disposed of, PROCESSOR controller to process personal data they have the right to file a complaint G. THE RIGHT TO RECTIFY III. DATA SUBJECT’S RIGHTS Right to dispute and have corrected any inaccuracies Personal information must be held under strict or errors in one’s data confidentiality and for declared purpose only. H. THE RIGHT TO DATA PORTABILITY Allows individuals to obtain and reuse their personal DATA SUBJECT’S RIGHTS data for their own purposes across different services Allows them to move, copy, or transfer personal data 1 Right to be Informed easily from one IT environment to another in a safe and secure way without affecting its usability 2 Right to Access This enables individuals to take advantage of applications and services that can use data to find 3 Right to Object them a better deal The right only applies to information an individual has 4 Right to Erasure and Blocking provided to a controller. 5 Right to Damages 6 Right to File a Complaint Health Informatics - Mod 2 Data Privacy 1 of 3 The use of trans, practice questions, and evals ratio must be used discreetly and social media/public exposure of the aforementioned shall be strictly prohibited. IV. TRANSPARENCY, PURPOSE, AND IV. HEALTHCARE INDUSTRY PROPORTIONALITY The Philippine Law takes the approach that processing of personal data shall be allowed subject to adherence to the principles of transparency, legitimate purpose, and proportionality. Personal data should be processed fairly and lawfully. A. PRINCIPLE OF PROPORTIONALITY Requires that the processing of personal information must be relevant to, and must not exceed the declared purpose. In research, personal information shall be held under strict confidentiality and only for the declared purpose. Cybercrime in the healthcare system. COMPLIANCE WITH THE PRINCIPLE OF PROPORTIONALITY A total of 51% occur on healthcare data breaches 1 PERSONAL Description of personal data to 2 MAIN CAUSES OF HEALTHCARE DATA BREACHES DATA TO BE be entered into the system COLLECTED FAILURE TO Healthcare organizations fail to UPGRADE upgrade their cyberspace as quickly 2 PURPOSE The exact purposes for which as other businesses. they will be processed, such as for direct marketing, PATIENT Criminals find personal patient statistics, and research INFORMATION information valuable to exploit. In the healthcare setting: VALUABLE TO ○ Research EXPLOIT ○ Case presentations ○ Live surgeries More and more records are stored digitally. ○ Those that are presented ○ Finding and sharing information is easier, during societies’ reducing mistakes and providing better care. conventions or Thus, the challenge between the balance of security workshops of patient’s data and the need for productivity/ 3 BASIS Basis for processing, IN MEDICINE AND HEALTHCARE: especially when it is not based on one’s consent DATA SUBJECTS Patients 4 SCOPE AND Scope and method of one’s DATA INFORMATION Healthcare professionals METHOD OF personal data processing CONTROLLER PROCESSING 5 RECIPIENTS To whom the data may be PHYSICIANS SEE DATA PRIVACY IN THESE disclosed CONDITIONS: CLINICAL Both In-patient and out-patient scenarios 6 RECIPIENTS’ Methods used for automated PRACTICE ACCESS access by the recipient, and its expected consequences SURGICAL Conventions, workshops, round table for the data subject EDUCATION discussion and conferences 7 DATA Identity and contact details RESEARCH CONTROLLER of the personal information controller MEDICAL STUDENTS SEE DATA PRIVACY IN THESE 8 STORAGE The duration for which the CONDITIONS: DURATION data will be kept WARD WORK Upon obtaining data, history, ACTIVITIES physical examination 9 DATA One must also be informed of SUBJECT’S the existence of one’s rights CASE RIGHTS as a data subject PRESENTATION AND REPORTING Entails all the data processing COMMUNITY from data collection to data MEDICINE storage CONCLUSION Health Informatics - Mod 2 Data Privacy 2 of 3 The use of trans, practice questions, and evals ratio must be used discreetly and social media/public exposure of the aforementioned shall be strictly prohibited. 1 RIGHTS: always keep in mind the data subject’s rights regardless of whether you are the data subject or data controller 2 INFORMED CONSENT: should adhere to transparency, legitimate purpose, and proportionally 3 APPLY: the statements above in your profession and daily routine Health Informatics - Mod 2 Data Privacy 3 of 3 The use of trans, practice questions, and evals ratio must be used discreetly and social media/public exposure of the aforementioned shall be strictly prohibited.

Use Quizgecko on...
Browser
Browser