April Joy Guiang

December 23, 2016

Atty. Jill Lopez

Thesis I

THESIS SENTENCE OUTLINE

I.

Provisional Thesis Title:

Protecting the Right of Patients to Health Informational Privacy in the Course of
Telemedicine Practice in the Philippines

II.

Thesis Statement:
While there are numerous laws that protect the right of a person to privacy, there is no
law even the Data Privacy Act of 2012 that protects the right to health
informational privacy of patients of telemedicine in the Philippines.

III.

Legal Question:
A. Main question: Whether or not there is ample protection to the right to health
informational privacy of patients of telemedicine in the Philippines?
B. Sub-questions:
a. Whether or not existing jurisprudence and statutes are enough basis to
enforce the protection of right to informational privacy of telemedicine
patients?
b. Whether or not the Data Privacy Act contemplates the protection of
medical information in information and communications technology
systems?
c. Whether or not there is a need to legislate a law that specifically regulates
the practice of telemedicine and the handling of medical information in the
course of providing medical services through virtual platforms in order to
the right to informational privacy of patients?

IV.
I.

Legal Basis:
Generally, telemedicine is a means of delivering health-related services and
information via telecommunications technologies such as videoconferencing, email,
phone calls[,] or short messaging systems (SMS).1
A. According to a private telemedicine service provider in the Philippines,
telemedicine is a multiplatform technology, which uses videoconferencing

Carl Antonio, et al., Health Information Privacy in the Philippines: Trends and Challenges in Policy and Practice,
PRIVACY IN THE DEVELOPING WORLDPHILIPPINES MONOGRAPH SERIES, 1, 3 (2012).

II.

[facilities], high-definition cameras, [and] computers, among others, to remotely

consult with doctors or diagnose patients.2
B. Adopting the World Health Organization definition, the National TeleHealth
Service Program defines telemedicine as the delivery of health and health-related
services and information from a distance [sic] with the use of ICT for diagnosis,
treatment[,] and prevention of diseases and injuries, research and evaluation, and
continuing education[.]3
C. Telemedicine services are made available by government through the National
Telehealth Service Program (NTSP), which is a collaborative project between the
Department of Health and the National Telehealth Center to provide telemedicine
services in fourth to sixth class municipalities in the Philippines.4 In a nutshell,
NTSP facilitates consults between primary care physicians in geographically
isolated and disadvantaged areas (GIDA) and clinical specialists of the Philippine
General Hospital (PGH) using a mobile and internet-based interface and triaging
system.5
D. It allows for the sharing of medical information not only between a patient and his
referring doctor but also between and among health care providers and
government agencies. 6
A closer examination of existing laws and jurisprudence would show that the
protection to the right to informational privacy, as afforded by the 1987 Philippine
Constitution, the New Civil Code, the Revised Penal Code, special laws, and
jurisprudence, is too general and inadequate in light of the developments in the
application of information and communications technology in the provision of
medical care.
A. Concerns relating to standards for use, confidentiality, and privacy are considered
hinder the use of telemedicine, despite of its benefits in terms of enhancing health
service delivery to geographically-isolated areas.7
1. The concept of informational privacy is a product of the
evolution of the concept of privacy as influenced by technological
advancements.8

PREGINET, PH healthcare facilities shift gears to telemedicine through PREGINET, available at

http://pregi.net/uncategorized/ph-healthcare-facilities-shift-gears-to-telemedicine-through-preginet/, last accessed
Dec. 23, 2016.
3
National Telehealth Center, NTSP as a Tool for Good Governance on Health, available at
https://telehealth.ph/project-ntsp/, last accessed Dec. 23, 2016.
4
Id.
5
Id.
6
Carl Antonio, et al., supra note 1 at 3, citing David A Fleming, Ethics Conflicts in Rural Communities: Health
Information Technology available at http://dms.dartmouth.edu/cfm/resources/ethics/ last accessed Dec. 23, 2016.
7
Rajesh Sivaswamy & Jidesh Kumar, Doctors on the Internet - Legal and practical implications. 12 Eubios Journal
of Asian and International Bioethics 185-8 (2002).

2. Forces of a technological age such as industrialization,

urbanization, and organization are potent factors which operate to
narrow the area of privacy and facilitate intrusion into it.9
3. The right to privacy is not intended to stifle scientific and
technological advancements that enhance public service and the
common good. 10
4. Rather, it merely requires that the law be narrowly focused and a
compelling State interest (or legitimate and overriding State
interest) justify such intrusion.11
B. It could be gleaned in the review of existing laws that the general protection to the
right to privacy as provided in the Constitution and the New Civil Code becomes
inadequate because of the [e]volution of the scope and context of privacy and
confidentiality brought about by use of information and communications
technology in healthcare.12
1. No less than the 1987 Philippine Constitution mandates the
inviolability of the right to privacy of communication and
correspondence. 13 The law provides that [t]he privacy of
communication and correspondence shall be inviolable except
upon lawful order of the court, or when public safety or order
requires otherwise, as prescribed by law.14
2. Philippine jurisprudence is as empathic in protecting the right to
privacy, as can be gleaned in the Supreme Courts pronouncement
in Zulueta v. Court of Appeals 15 where the constitutional
injunction declaring the privacy of communication and
correspondence [to be] inviolable is no less applicable simply
because it is the wife (who thinks herself aggrieved by her
husbands infidelity) who is the party against whom the
constitutional provision is to be enforced.16

Vivares v. St. Theresa's College, G.R. No. 202666, September 29, 2014 citing Reynato S. Puno, Retired Chief
Justice of the Supreme Court, The Common Right to Privacy, Remarks (transcript available at
http://sc.judiciary.gov.ph/speech/03-12-08-speech.pdf. (last accessed Dec. 23, 2016)).
9
Morfe v. Mutuc, 22 SCRA 424, January 31, 1968.
10
Ople v. Torres, 293 SCRA 141, July 23, 1998.
11
Imbong v. Ochoa, G.R. No. 204819, April 8, 2014 (J. Reyes, concurring and dissenting opinion).
12
Carl Antonio, et al, supra note 1.
13
PHIL. CONST. art. III, 3 (1).
14
Id.
15
Zulueta v. Court of Appeals, G.R. No. 107383, February 20, 1996.
16
Id.

3. However, the right to privacy in the 1987 Philippine Constitution

is not meant to be invoked against acts of private individuals, as it
is directed only against the government.17
4. Civil liabilities may be incurred as a consequence of violations of
right to privacy committed by private individuals and public
officers.18
a. Article 19 of the New Civil Code provides that [e]very
person must, in the exercise of his rights and in the
performance of his duties, act with justice, give everyone
his due, and observe honesty and good faith.19
b. Article 20 of the New Civil Code provides that [e]very
person who, contrary to law, wilfully or negligently causes
damage to another, shall indemnify the latter for the
same.20
c. Article 21 of the New Civil Code provides that [a]ny
person who wilfully causes loss or injury to another in
manner that is contrary to morals, good customs or public
policy shall compensate the latter for the damage.21
d. Article 26 of the New Civil Code provides that [e]very
person shall respect the dignity, personality, privacy and
peace of mind of his neighbors and other persons. The
following and similar acts, though they may not constitute a
criminal offense, shall produce a cause of action for
damages, prevention and other relief:
(1) Prying into the privacy of another's residence;
(2) Meddling with or disturbing the private life or family
relations of another;
(3) Intriguing to cause another to be alienated from his
friends; (4) Vexing or humiliating another on account of his
religious beliefs, lowly station in life, place of birth,
physical defect, or other personal condition.22
e. Article 32 of the New Civil Code provides that [a]ny
public officer or employee, or any private individual, who
directly or indirectly obstructs, defeats, violates or in any
17

People v. Marti, 193 SCRA 57, January 18, 1991 and Waterous Drug Corporation v. National Labor Relations
Commission, 280 SCRA 735, October 16, 1997.
18
An Act to Ordain and Institute the Civil Code of the Philippines [CIVIL CODE] Republic Act No. 386, art. 19, 20,
21, 26, 32, and 2176 (1950).
19
Id., art. 19.
20
Id., art. 20.
21
Id., art. 21.
22
Id., art. 26.

manner impedes or impairs any of the following rights and

liberties of another person shall be liable to the latter for
damages:

(9) The right to be secure in one's person, house, papers,

and effects against unreasonable searches and seizures;

The indemnity shall include moral damages. Exemplary

damages may also be adjudicated.
The responsibility herein set forth is not demandable from a
judge unless his act or omission constitutes a violation of
the Penal Code or other penal statute.23
f. Nonetheless, none of these provisions of law deal squarely
with the possible civil liabilities enforceable in case of
breach of privacy and confidentiality in the context of
telemedicine practice.
5. Criminal liabilities may be incurred as a consequence of violations
of right to privacy committed by private individuals and public
officers.24
a. Article 228 of the Revised Penal Code provides that [a]ny
public officer not included in the provisions of the next
preceding article who, without proper authority, shall open
or shall permit to be opened any closed papers, documents
or objects entrusted to his custody, shall suffer the penalties
of arresto mayor, temporary special disqualification and a
fine not exceeding 2,000 pesos.25
b. Article 229 of the Revised Penal Code provides that [a]ny
public officer who shall reveal any secret known to him by
reason of his official capacity, or shall wrongfully deliver
papers or copies of papers of which he may have charge
and which should not be published, shall suffer the
penalties of prisin correccional in its medium and
maximum periods, perpetual special disqualification and a
fine not exceeding 2,000 pesos if the revelation of such
secrets or the delivery of such papers shall have caused
serious damage to the public interest; otherwise, the
penalties of prisin correccional in its minimum period,
23

Id., art. 32.

Articles 228, 229, 230, 290, and 291 of the Revised Penal Code
25
An Act Revising the Penal Code and Other Penal Laws [REVISED PENAL CODE], Act No. 3815, art. 228 (1932).
24

temporary special disqualification and a fine not exceeding

500 pesos shall be imposed.26
c. Article 230 of the Revised Penal Code provides that [a]ny
public officer to whom the secrets of any private individual
shall become known by reason of his office who shall
reveal such secrets, shall suffer the penalties of arresto
mayor and a fine not exceeding 1,000 pesos.27
d. Article 290 of the Revised Penal Code provides that [t]he
penalty of prisin correccional in its minimum and medium
periods and a fine not exceeding 500 pesos shall be
imposed upon any private individual who in order to
discover secrets of another, shall seize his papers or letters
and reveal the contents thereof.28
If the offender shall not reveal such secrets, the penalty
shall be arresto mayor and a fine not exceeding 500 pesos.
e. Article 291 of the Revised Penal Code provides that [t]he
penalty of arresto mayor and a fine not exceeding 500
pesos shall be imposed upon any manager, employee, or
servant who, in such capacity, shall learn the secrets of his
principal or master and shall reveal such secrets.29
f. Nonetheless, none of these provisions of law deal squarely
with the possible criminal liabilities enforceable in case of
breach of privacy and confidentiality in the context of
telemedicine practice.
C. Although the right to privacy in relation to the healthcare system is also given
protection by special laws, a review of pertinent special laws would show that
these are still inadequate to properly cover the health information privacy of a
patient in the context of telemedicine practice.
1. Section 24 of The Medical Act of 1959 provides possible grounds for
reprimanding a physician, one of which is violating the provisions of
the Code of Ethics promulgated by the Philippine Medical
Association.30
2. The Philippine AIDS Prevention and Control Act of 1998 provides
that the State shall extend to every person suspected or known to be
infected with HIV/AIDS full protection of his/her human rights and

26

Id., art. 229.

Id., art. 230.
28
Id., art. 290.
29
Id., art. 291.
30
The Medical Act of 1959, Republic Act No. 2382, 24 (1959).
27

civil liberties. Towards this end: (1) compulsory HIV testing shall be
considered unlawful unless otherwise provided in [the same Act].31
3. The Philippine AIDS Prevention and Control Act of 1998 also
provides that all health professionals, medical instructors, workers,
employers, recruitment agencies, insurance companies, data encoders,
and other custodians of any medical record, file, data, or test results
are directed to strictly observe confidentiality in the handling of all
medical information, particularly the identity and status of persons
with HIV Any violation of medical confidentiality as provided in
[Sections] 30 and 32 of [the same Act] shall suffer the penalty of
imprisonment for six (6) months to four (4) years, without prejudice to
administrative sanctions such as fines and suspension or revocation of
the violator's license to practice his/her profession, as well as the
cancellation or withdrawal of the license to operate any business entity
and the accreditation of hospitals, laboratories[,] or clinics.32
4. Section 60 of the Comprehensive Dangerous Drugs Act of 2002
provides that [j]udicial and medical records of drug dependents under
the voluntary submission program shall be confidential and shall not
be used against him for any purpose, except to determine how many
times, by himself/herself or through his/her parent, spouse, guardian or
relative within the fourth degree of consanguinity or affinity, he/she
voluntarily submitted himself/herself for confinement, treatment and
rehabilitation or has been committed to a Center under this
program.33
5. In connection with this, Section 67 of the Comprehensive Dangerous
Drugs Act of 2002 provides that [u]pon the dismissal of the
proceedings against the accused, the court shall enter an order to
expunge all official records, other than the confidential record to be
retained by the DOJ relating to the case. Such an order, which shall be
kept confidential, shall restore the accused to his/her status prior to the
case. He/she shall not be held thereafter to be guilty of perjury or of
concealment or misrepresentation by reason of his/her failure to

31

An Act Promulgating Policies and Prescribing Measures for the Prevention and Control of HIV/AIDS in the
Philippines, Instituting a Nationwide HIV/AIDS Information and Educational Program, Establishing a
Comprehensive HIV/AIDS Monitoring System, Strengthening the Philippine National AIDS Council, and for Other
Purposes [Philippine AIDS Prevention and Control Act of 1998] Republic Act No. 8504, 2 (b) (1998).
32
Philippine AIDS Prevention and Control Act of 1998, 30 and 33.
33
An Act Instituting the Comprehensive Dangerous Drugs Act of 2002, Repealing Republic Act No. 6425,
Otherwise Known As The Dangerous Drugs Act of 1972, as Amended, Providing Funds Therefor, and for Other
Purposes [Comprehensive Dangerous Drugs Act of 2002] Republic Act No. 9165, 60 (2002).

III.

IV.

34

acknowledge the case or recite any fact related thereto in response to

any inquiry made of him for any purpose.34
6. Section 44 of the Anti-Violence Against Women and Their Children
Act provides that [a]l records pertaining to cases of violence against
women and their children including those in the barangay shall be
confidential and all public officers and employees and public or
private clinics to hospitals shall respect the right to privacy of the
victim. Whoever publishes or causes to be published, in any format,
the name, address, telephone number, school, business address,
employer, or other identifying information of a victim or an immediate
family member, without the latter's consent, shall be liable to the
contempt power of the court.
Any person who violates this provision shall suffer the penalty of one
(1) year imprisonment and a fine of not more than Five Hundred
Thousand pesos (P500,000.00).35
7. These provisions of special laws do not contemplate the breach of
health informational privacy in the context of telemedicine practice, as
their application is limited to specific medical information only. Thus,
the breach in the privacy and confidentiality with respect to other
medical information outside the scope of these laws will not be legally
actionable.
There is no existing law that specifically regulates the practice of telemedicine in the
Philippines as House Bills No. 6336 36 and 4149 37 were left unpassed. These bills
proposed possible mechanisms for the protection of right to privacy in the practice of
telemedicine.
Nonetheless, it is arguable that standards provided under the Philippine Medical Act
of 1959 apply perforce to telemedicine and thus provide, albeit indirectly and
limitedly, protection of the right to privacy from the unlawful acts and/or omissions
of medical practitioner.38
A. The definition of acts constituting practice of medicine, i.e., any other means of
communication, either offer or undertake by any means or method to diagnose,
treat, operate or prescribe any remedy for any human disease, injury, deformity,
physical, mental or physical condition 39 contemplates the practice of

Comprehensive Dangerous Drugs Act of 2002, 67.

An Act Defining Violence Against Women And Their Children, Providing For Protective Measures For Victims,
Prescribing Penalties Therefore, And For Other Purposes [Anti-Violence Against Women and Their Children Act of
2004] Republic Act No. 9262, 44.
36
The National Telehealth Service Act of 2009, H.B. No. 6336, 14th Cong., 2nd Reg. Sess. (2009).
37
The Telehealth Act of 2014, H.B. No. 4149, 16th Cong., 1st Reg. Sess. (2014).
38
The Medical Act of 1959, 10.
39
Id.
35

V.

40

telemedicine, which is a method of diagnosing and treating any human disease

through the means of information and communications technology.
B. In relation to this, Section 6 of the Code of Ethics of the Philippine Medical
Association provides that [t]he physician should hold as sacred and highly
confidential whatever may be discovered or learned pertinent to the patient even
after death, except when required in the promotion of justice, safety[,] and public
health.40 Relevantly, Section 24 of The Medical Act of 1959 provides possible
grounds for reprimanding a physician, one of which is violating the provisions of
the Code of Ethics promulgated by the Philippine Medical Association.41
C. Nonetheless, such protection remains inadequate in light of the fact that the
possible breaches to health information privacy may not only be committed by
doctors; these breaches may most likely be committed by other health information
handlers such as medical data transcriptionists, electronic medical records
controllers, and other medical professionals who have access to telemedicine
records.
It is arguable that the Data Privacy Act offers ample protection of the right to privacy
of patients from the unlawful acts and/or omissions of all types of personal medical
information handlers. However, there is also legal basis to support the
counterproposition that it is insufficient to protect the rights of patients in
telemedicine to informational privacy.
A. Section 4 of the Data Privacy Act provides that the law applies to the processing
of all types of personal information and to any natural and juridical person
involved in personal information processing including those personal information
controllers and processors who, although not found or established in the
Philippines, use equipment that are located in the Philippines, or those who
maintain an office, branch[,] or agency in the Philippines .42
B. Personal information about a persons health is considered as sensitive personal
information under the Data Privacy Act. The law provides that Sensitive
personal information refers to personal information:
(1) About an individuals race, ethnic origin, marital status, age, color, and
religious, philosophical or political affiliations;
(2) About an individuals health, education, genetic or sexual life of a person, or
to any proceeding for any offense committed or alleged to have been committed
by such person, the disposal of such proceedings, or the sentence of any court in
such proceedings;

Philippine Medical Association, Code of Ethics of the Philippine Medical Association, available at
https://www.philippinemedicalassociation.org/downloads/pma-codes/FINAL-PMA-CODEOFETHICS2008.pdf (last
accessed Dec. 23, 2016).
41
The Medical Act of 1959, 24.
42
An Act Protecting Individual Personal Information in Information and Communications Systems in the
Government and the Private Sector, Creating for this Purpose a National Privacy Commission, and for Other
Purposes [Data Privacy Act of 2012] Republic Act No. 10173, 44 (2012).

(3) Issued by government agencies peculiar to an individual which includes, but

not limited to, social security numbers, previous or current health records,
licenses or its denials, suspension or revocation, and tax returns; and
(4) Specifically established by an executive order or an act of Congress to be kept
classified.43
C. Processing of sensitive personal information is prohibited as general rule, subject
to exceptions expressly provided for in the law.44
1. Processing of sensitive personal information allowed when necessary for
purposes of medical treatment, is carried out by a medical practitioner or a
medical treatment institution, and an adequate level of protection of
personal information is ensured.45 By statutory construction, this covers
information collected, stored, and processed in the practice of
telemedicine.
D. The opposing argument is that the Data Privacy Act does not give full protection
to the right to privacy of patients from the unlawful acts and/or omissions of all
types of personal medical information handlers.
1. Review of the legislative purpose for passing the Data Privacy Act shows
that it seeks to make the Philippines compliant with international data
security standards to attract investors in the Information Technology and
Business Process Outsourcing (IT-BPO) industry, and not precisely to
apply to medical information transferred in the practice of telemedicine.46
2. Applying statutory construction principles, the law only protects
personal information and therefore does not contemplate processed
medical information.47
VI.

43

Working Answer:
A. The thesis proponent submits that the Data Privacy Act and other existing laws
are inadequate to fully protect the right to health informational privacy of patients
of telemedicine. In light of this, it is proposed that a law be passed regulating the
overall practice of telemedicine in the Philippines and that specific regulations to
uphold the said right be particularized.

Data Privacy Act of 2012, 3 (l). (emphasis supplied)

Id., 13 (e).
45
Id.
46
Carmela Fonbuena, Aquino signs Data Privacy Law, available at http://www.rappler.com/nation/11060-aquinosigns-data-privacy-law, last accessed Dec. 23, 2016.
47
Data Privacy Act of 2012, 44.
44

Potential Thesis Adviser Consulted:

Atty. Ivy Patdu
Comments:
During the consultation, I presented my original phrase outline for the privacy issues in
telemedicine and the alternate phrase outline for the cultural integrity issues arising from the
introduction of medical technology in indigenous peoples communities. For the latter topic, she
advised me that the slant of the paper was more of policy rather than legal. She then advised me
to explore the privacy issues on telemedicine as my thesis topic, as the Data Privacy Act may not
fully comprehend the possible privacy issues in the context of telemedicine. She said that
practitioners have different views with regard to the applicability of the Data Privacy Act in
terms of the transfer of medical data in light of the increasing trend in the utilization of
telemedicine services. Unfortunately, she is busy with her work in the National Privacy
Commission so she advised me to look for another thesis adviser who I would be able to work
more closely with.