Privacy breach at center of pregnancy test probe

BAGUIO CITY — The National Privacy Commission (NPC) on Wednesday began investigating a medical school here to determine if it was liable for unauthorized data collection when it directed its female students to undergo pregnancy tests.

The first hearing was held behind closed doors, but Pines City Colleges said that mandatory pregnancy examinations were meant to protect the students, according to an NPC official.

“To our knowledge there is no directive from the Commission on Higher Education (CHEd) requiring mandatory pregnancy testings,” said lawyer Francis Euston Acero, chief of the NPC complaints and investigation division.

CHEd investigation

CHEd, which has oversight control over universities and colleges, is conducting an independent investigation of Pines City Colleges, he said.

The school will need to prove that the pregnancy test requirement did not violate any law, including the rules protecting gender rights such as the Magna Carta of Women, Acero said.

Pines City Colleges drew flak from activists and lawmakers when documents providing the schedule and fees of the latest round of pregnancy tests were posted on Facebook.

The school, in a statement last week, said: “We believe it is a policy protective of our students while they are in our care and are deployed to internship programs in hospitals…”

Data privacy

The tests were supposedly meant to discourage pregnant students from taking clinical subjects that require the use of chemicals and hospital radiation equipment.

Acero said contracts and agreements needed to comply with all laws, including the Data Privacy Act of 2012 (Republic Act No. 10173).

“The data privacy law changes the way we view and see things. What we used to accept before may not be legal anymore,” he said.

Institutions need to comply with the rules on transparency and assure the public that the information collected will be “used for its intended and legitimate purpose,” he said.

Results of pregnancy tests are considered “sensitive personal information,” which must be secured and removed when their purpose has been fulfilled, Acero added. —Vincent Cabreza

Read more...