Privacy Notice

Privacy Notice for Clients/Patients

Your privacy is important to Metro North Medical Center and Hospital, Inc. (“MNMCH”). We respect your privacy and we go to great lengths in protecting it in accordance with Data Privacy Act of 2012. This notice describes how medical information about you may be used and disclosed by MNMCH, how it is stored and what are your rights over your personal information. Please review this carefully.

Engaging the Services of MNMCH

By engaging the services of MNMCH, you warrant that you have read and agreed to MNMCH’s privacy policy and the changes/amendments. You warrant that you own or otherwise control the rights to the content that you submitted or provided us is true, complete and accurate.

Scope

This privacy notice applies to all medical records generated by MNMCH, whether made by hospital personnel or your personal doctor. It also applies to all personal information entered into your medical record by employees, staff, other hospital personnel, and affiliates of MNMCH (i.e., MSA-Pulmonary, AHHVI-Dietary, send-out laboratory, Northpole Medical Care and Diagnostic Center). All these persons and entities may share medical information with each other for purposes of medical treatment, payment, and/or other hospital operations as described herein.

Purpose

We create a record of the care and services you received at MNMCH. Your medical record is essential to enable us fulfill the health services you need, to provide you with the quality care and to comply with certain requirements under the laws and pertinent rules and regulations issued by the government. The following are the different ways by which MNMCH may use and disclose medical information about you:

Treatment

MNMCH may use and disclose your medical information to provide you medical treatment and services. Your medical information may be disclosed to doctors, nurses, trainees, other hospital personnel, and third party service providers involved in taking care of you.
Payment

MNCH may use and disclose your medical information, to the extent necessary and relevant, in order to account, bill and collect payment from you, HMOs, PhilHealth and/or your health insurance company for the services provided and received at the hospital. Likewise, your information may be processed and disclosed for purposes of mandatory compliance with the processing of claims and benefits with health care agencies.

Health Care Operations

MNMCH may use and disclose your medical information for health care operations, management, peer review, administration and planning in order to improve the quality and cost effectiveness of the services being delivered to you. MNMCH may also use your information to contact you to remind you of your appointment.

Processing Services

MNMCH will share your information with Personal Information Processor that perform various activities for the health system, such as but not limited to Finance Department, Customer Relations, Medical Records, Admitting and Information. MNMCH will ensure that such Personal Information Processors will respect and protect the privacy of your information.
Information dissemination of health-related benefits and services

MNMCH may use and disclose medical information to inform you about health-related benefits or services that may be of interest to you.
Hospital Directory (Bizbox System)

MNMCH has a hospital information system wherein all your information and transactions are electronically encoded and stored. Only authorized personnel are allowed to enter and view your account, wherein they have a designated password to promote security and accountability.
Marketing and Customer Relations

MNMCH Marketing Department and Customer Relations may use some of your information which are needed in enhancement and improvement of facilities and services through your accomplished customer feedback form.
Authorized Individual Involved in your Care

Subject to the provisions of Data Privacy Act of 2012, MNMCH may also release medical information about you to an authorized family member, relative, guardian and/or authorized representative involved in your medical care.
Required under the Law

MNMCH may disclose your information when necessary under the Data Privacy Act of 2012, when required by legal processes, such as, subpoena, or if necessary to protect MNMCH’s legal rights or to protect you or any individual whose safety is threatened.
With respect to Sensitive Personal Information and Privileged Information, the processing of these information is not allowed except:

When you give your consent;
Required by existing laws and regulations;
When processing is necessary to protect your life and health or another individual; and you are not or the individual is not legally or physically able to express his or her consent prior to the processing;
For purposes of medical treatment carried out by a medical practitioner; and
For the protection of lawful rights and interests of natural or legal persons in court proceedings, or the establishment, exercise or defense of legal claims, or when provided to government or public authority.
Retention of personal information

MNMCH retains your personal information for as long as necessary to fulfill the purpose(s) for which it was collected and to comply with applicable laws. Your consent to such purposes(s) remains valid after any termination of our relationship with you.

Only authorized MNMCH personnel has access to your medical records, the exchange of which shall be facilitated through email and hard copy through requisition form. We will convert the document form of your medical record into electronic form and store them in a filing system with accordance to the statutory and regulatory policies and to the standard policies and procedures of our institution as follows:

Document Retention Period Regulatory Body Disposition
Medical Records/Patient’s Chart 10 years Department of Health Shredding
Accounting Files 10 years Bureau of Internal Revenue Shredding
Official Receipt 5 years Bureau of Internal Revenue Shredding
Diagnostic Results
(Except: Histopathology results)

10 years Department of Health Shredding
Institutional forms
(Ex: Diagnostic request form, Patient information sheet)

3 years Metro North Medical Center and Hospital Inc. Policy Shredding
Physical records shall be disposed of through shredding, while digital files shall be anonymized.

Your Rights Over Your Medical Information

Subject to the limitations provided under the law and the policies of MNMCH, as the owner of the personal, sensitive, and privileged information, you have the right to request access to, and correction of, your personal information by sending us a written letter of request. You also have the right to suspend, withdraw or order the blocking, removal or destruction of your personal data from MNMCH’s filing system subject to the provisions of the law. All requests for access or correction to Personal Information will be responded to in writing within a reasonable period of time. As part of this process we will verify the identity of the individual requesting the information prior to providing access or making any changes.

Changes to this Policy

MNMCH may need to modify and amend this privacy notice from time to time to reflect our current privacy practices. We will inform you of material modifications to this policy in the future by posting changes on our website and/or through sending the changes via email.

Governing Law

This Privacy Policy, including all revisions and amendments thereto, is governed by the laws of the Republic of the Philippines, without regard to its conflict of law principles, which would require application of the laws of another jurisdiction.

If you have any questions about our policy or any complaint regarding the treatment of your privacy by us, please do not hesitate to contact us through our Data Privacy Officer.

Data Privacy Officer

Email: dpo@metronorthmedicalcenterandhospital.com

Telephone: (02) 8426-8000 loc. 426

You are also entitled to contact the National Privacy Commission, the primary agency in charge with the enforcement of the Data Privacy Act.

National Privacy Commission

Address: 3rd Floor, Core G, GSIS Headquarters Bldg., Financial Center, 1308, Pasay, Metro Manila, Philippines

Phone: +63 2 517 7810

Email: info@privacy.gov.ph