NPC: Burden of proof of data breach on PhilHealth hacking lies with victims

NPC: Burden of proof of data breach on PhilHealth hacking lies with victims

/ 02:57 PM October 11, 2023

NPC: Burden of proof of data breach on PhilHealth hacking lies with victims

MANILA, Philippines — Members of Philippine Health Insurance Corporation (PhilHealth), whose data or personal information were compromised, may submit a complaint to the National Privacy Commission (NPC).

This option comes following the recent hacking of the computer system of PhilHealth.

Article continues after this advertisement

The complainant just has to prove the damage done as a result of the online attack against the corporation.

FEATURED STORIES

This action was suggested by NPC Chief of Complaints and Investigation Michael Santos at Kapihan sa Manila Bay forum on Wednesday.

Santos said upon submitting a complaint, the burden of proof that data breach took place will be on the victim.

Article continues after this advertisement

Revised Rules on Evidence defines burden of proof as the duty of a party to provide evidence supporting his or her claims.

Article continues after this advertisement

“Nasa nagre-reklamo kasi yung burden of proof,” Santos said

Article continues after this advertisement

(The burden of proof is on the complainant.)

Aside from this condition, the NPC official said complainant must also prove that his or her data was involved in the breach, and that the glitch was due to the corporation’s fault.

Article continues after this advertisement

“Kung magpa-file ka sa commission, first, you have to prove na may damage sa ‘yo; na involved ka doon; na yung data mo, involved; na may na-compromise na data mo, through the fault of PhilHealth,” he elaborated.

(If you are going to file at the commission, first, you have to prove that there was damage done to you; that you were involved; your data was involved; that your data was compromised, through the fault of PhilHealth.)

Santos added if the complainant’s data are not actually involved in the breach, the charge will be deemed baseless.

The NPC official, meanwhile, mentioned that even without a complaint, NPC conducted a probe into the PhilHealth hacking.

“Ngayon nga, mas malalim na yung imbestigasyon natin to find out kung ano ba yung naging gaps, and kung yung gaps will come out to negligence and there are possible liabilities,” he said.

(Now, we are doing a deep investigation to find out what were the gaps, and if these gaps will result in negligence and there are possible liabilities.)

Santos said the compromised data of PhilHealth were mostly basic information.

These details include Philhealth numbers, names, birthdays, sex, addresses, some pictures, identification cards, work-related documents, and contracts.

So far, no one has filed any complaint with NPC on the matter.

The commission was created to administer and implement the provisions of Data Privacy Act of 2012.

RELATED STORIES

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the and acknowledge that I have read the .

Leaked Philhealth data ‘staggering,’ says NPC

DICT: Hacked Philhealth data spreading on app contains malware

APL
www
www
entertainment
business
globalnation
TAGS: data breach, hacking, Philhealth

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our newsletter!

By providing an email address. I agree to the and acknowledge that I have read the .

© Copyright 1997-2024 | All Rights Reserved

This is an information message

We use cookies to enhance your experience. By continuing, you agree to our use of cookies.