General Privacy Notice

This is Skyline Hospital and Medical Center's (SHMC) general statement on its data processing activities to notify Data Subjects of categories of Personal Data processed and the purpose and extent of processing. This is not a consent form but a notification how SHMC processes Personal Data in its established practices and operations. SHMC may further provide specific privacy notices in line with specific activities or objectives.

NPC SEAL OF REGISTRATION
NPC Seal
NPC Seal

SHMC processes Personal Data to:

  1. Perform its obligations, exercise its rights, and conduct its associated functions as a healthcare service provider;
  2. Conduct all acts reasonably foreseeable and customarily performed by similar healthcare service providers;
  3. Decide and act for the holistic welfare of patients, service recipients, and their respective representatives and companions; and
  4. Manage and administer its internal and external affairs as a medical, educational, and research institution, and as a juridical entity with its own rights and obligations.

The SHMC Website uses cookies to prevent security risks, recognize that the user is logged in, customize the user's browsing experience, store authorization tokens, permit social media sharing, troubleshoot issues, and monitor anonymized or aggregated statistics.

SHMC collects the following Personal Data, as may be applicable and necessary for its specific legitimate purposes:

  • Personal details such as name, birth, gender, civil status and affiliations;
  • Contact information such as address, email, mobile and telephone numbers;
  • Medical information such as physical, psychiatric and psychological information;
  • Employment information such as government-issued numbers, position and functions;
  • Applicant information such as academic background and previous employments; and
  • Academic information such as grades, course and academic standing.

SHMC collects Personal Data physically through printed forms, attachments, and other documents required by its medical units and administrative offices, or electronically through electronic systems, electronic platforms, e-forms, email, or electronic submission of information directly by the Data Subject or by SHMC associates.

SHMC generally collects Personal Data from Data Subjects upon entry to the hospital or at the onset of a service, or transaction with SHMC, such as medical care, medical consultation, laboratory service and health-related services.

SHMC collects and processes Personal Data for the following purposes:

  1. Purposes necessary for SHMC to perform its obligations, exercise its rights, and conduct its functions as a medical, research, and training institution;
  2. Purposes to perform acts and decisions necessary for SHMC to manage and administer its internal and external affairs as a juridical entity with its own rights, interests and obligations;
  3. Compliance with legal, regulatory, administrative or judicial requirements including but not limited to audit, reporting and transparency requirements;
  4. Purposes specific to SHMC in accordance with its Privacy Policy and related policies, rules or procedures.

Personal Data are stored in physical and electronic data processing systems managed by groups, offices, and units of SHMC. Physical records are generally stored in folders or envelopes in drawers or shelves. Electronic records are generally stored in servers in the possession or control of SHMC or in cloud storage controlled or availed by SHMC.

Personal Data are transmitted and transferred in accordance with Chapter III of the Data Privacy Act of 2012 and Rule V of its Implementing Rules and Regulations.

SHMC uses Personal Data proportionately as necessary for its legitimate purposes in accordance with SHMC Policies. Personal Data are used in accordance with the Data Privacy Act of 2012, issuances of the National Privacy Commission and the Department of Health.

SHMC retains data in accordance with its policies on retention observing laws and government rules and regulations. In the absence of an applicable rule of retention, Personal Data shall be retained by SHMC group, office, or unit in accordance with locally and internationally accepted practices and standards.

A. SHMC patients, service recipients, and their respective representatives and companions have the following rights with respect to their Personal Data:

  1. Right to be informed, except for internal data;
  2. Right to access and data portability, subject to reasonable requirements;
  3. Right to rectification, erasure, and blocking. However, services may be affected by changes in or lack of data; and
  4. Right to file a complaint. SHMC's Data Protection Office and Patient Experience Group are continually open to resolve concerns.

B. SHMC patients, service recipients, their respective representatives and companions, and others within the scope of SHMC's Privacy Policy have the following responsibilities:

  1. Keep up to date all Personal Data and other information submitted to or in the possession of SHMC;
  2. Respect the data privacy rights of all Data Subjects;
  3. Report any suspected Security Incident or Personal Data Breach to SHMC through the contact information of SHMC Data Protection Office provided herein;
  4. Ensure accuracy of Personal Data and other information;
  5. Obtain the consent of the Data Subject prior to processing of personal information;
  6. Not disclose to any unauthorized party any non-public confidential, sensitive or personal information obtained or learned in confidence directly or indirectly through SHMC; and
  7. Abide by the policies, guidelines and rules of SHMC on data privacy, information security, records management, research and ethical conduct, and from time-to-time, check for updates on these policies, guidelines and rules and ensure compliance therewith.