Healthcare data and their protection in the philippines
1. ALFONSO SYOEI R. YOSHIDA M.D.
MI298 OUTPUT FOR OCTOBER 25, 2018
*
2. *
*ELECTRONIC MEDICAL RECORDS banks rich data about
the patient and their condition
*Data miners and hackers flock on these data
*These are source of income in such a way like;
*Creating false medical condition for certain patient’s data for
false insurance claim
*Using patient’s data to buy medication online
*There is a great vulnerability for healthcare data’s
protection means for the data miners and hackers to
attack
3. *
*May 2017 – WannaCry ransomwear attacked 61 NHS
trusts and hospitals in UK
*Earlier to this event – attack of Hollywood Presbyterian
Medical Center in Los Angeles, California
*Year earlier to above – attack of the Methodist Hospital
in Henderson, Kentucky
*Evidence of vulnerability of healthcare system data
4. *
*Each stakeholders (medical practitioners, health
solutions provider, health IT staff) should take the
situation seriously to formulate in counterfeiting the
threat that our medical data are facing
*In other countries, they are considering / engaging in
the utilization of BLOCKCHAIN TECHNOLOGY with a
hope that it will provide the security to the healthcare
data
*Example: ESTONIA successfully transformed the entire
country’s healthcare data to be in electronic form with
BLOCKCHAIN technology as platform for security
5. *
*Implementation of DATA PRIVACY ACT OF 2012
*Includes clause for data security measures
*However it transfers the responsibility of safeguarding
to each data processing officers of the stakeholders
without strong stand of government level measures
CHAPTER V
SECURITY OF PERSONAL INFORMATION
SEC. 20. Security of Personal Information. – (a) The personal information
controller must implement reasonable and appropriate organizational,
physical and technical measures intended for the protection of personal
information against any accidental or unlawful destruction, alteration and
disclosure, as well as against any other unlawful processing.
6. *
*Such as in Estonia’s transformation, it really takes
strong centrally (governmental level) organized action
in mitigating the problem of data security
*It is great that we have laws, which provides freehand
to stakeholders in implementing their own solutions
*But if all the measures implemented melt down, the
government can’t just sit there and blame the failure
*The government therefore should have meticulous
safety net measures laid down in the mentioned data
privacy act so as to really safeguard the valuable data
of each countrymen
7. *
*The NHS Ransomware Attack & Data Privacy in the Era
of Digital Health – Part One
https://medicalfuturist.com/the-nhs-ransomware-
attack-data-privacy-in-digital-health-part-one
*The NHS Ransomware Attack, Data Privacy & Security
in the Era of Digital Health – Part II.
https://medicalfuturist.com/the-nhs-ransomware-
attack-part-ii
*Data Privacy Act of 2012. https://privacy.gov.ph/data-
privacy-act/