Privacy Notice
At Kaiser International Healthgroup, Inc., we are committed to protecting your privacy. This privacy notice discloses what information we collect, how we use it, and the measures available to control the information you provide to us. These privacy practices apply to this web site, which is operated by KAISER, its partner, or affiliate. By visiting this web site, you are accepting the practices described in this Privacy Notice.
I. Definition of Terms
- “Consent” of the data subject refers to any freely given, specific, informed indication of will, whereby the data subject agrees to the collection and processing of personal information about and/or relating to him or her. Consent shall be evidenced by written, electronic or recorded means. It may also be given on behalf of the data subject by an agent specifically authorized by the data subject to do so.
- “Data subject” refers to an individual whose personal information is processed.
- “Personal information” refers to any information whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual.
- “Processing” refers to any operation or any set of operations performed upon personal information including, but not limited to, the collection, recording, organization, storage, updating or modification, retrieval, consultation, use, consolidation, blocking, erasure or destruction of data.
- “Privileged information” refers to any and all forms of data which under the Rules of Court and other pertinent laws constitute privileged communication.
- “Sensitive personal information” refers to personal information:
  - About an individual’s race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations;
  - About an individual’s health, education, genetic or sexual life of a person, or to any proceeding for any offense committed or alleged to have been committed by such person, the disposal of such proceedings, or the sentence of any court in such proceedings;
  - Issued by government agencies peculiar to an individual which includes, but not limited to, social security numbers, previous or current health records, licenses or its denials, suspension or revocation, and tax returns; and
  - Specifically established by an executive order or an act of Congress to be kept classified.
II. Data Life Cycle
A. Collection of Personal and/or Sensitive Personal Information
We collect personal and health-related information that you voluntarily provide to us when you interact with our services. This includes instances when you register for an account, enroll in a healthcare plan, communicate with us via email, subscribe to our newsletters, or utilize our digital health services. In addition to those defined above, personal information collected, whether in print or digital, is as follows:
- Name, spouse name (if any), date of birth, place of birth, gender, civil status, citizenship, tax identification number, SSS or GSIS number, PhilSys ID number, mobile number, telephone number, email address, educational background;
- PhilHealth identification number, PhilHealth contribution status, monthly salary credit, and PhilHealth case rate utilization details necessary for benefit coordination;
- Specimen signatures, photos, images from CCTVs, voice recordings of our conversations;
- Mother’s maiden name, father’s name, their present address, siblings (if any), children;
- Beneficial owner’s name, address, date of birth, and contact number;
- Employment information such as but not limited to occupation, rank, date hired, job title/position, business (if any), year/s of business, source of funds, employer’s name, employer’s business name, address;
- Authorized representative (if any), name, citizenship, date of birth, place of birth, relationship to our client or customer, present address, contact number;
- Medical and clinical history, including pre-existing conditions, past and current diagnoses, family medical history, physical injuries, and psychological or mental health assessments;
- Medical treatment records, including outpatient consultation notes, inpatient hospital confinement details, surgical procedures, emergency room records, and therapy logs;
- Diagnostic and laboratory test results, including blood chemistry, X-rays, MRI/CT scans, ECGs, ultrasounds, and biometric data (such as blood type, height, weight, BMI, and blood pressure);
- Prescription data, including lists of maintenance medications, acute medications, drug or food allergies, and immunization/vaccination records;
- HMO coverage, utilization, and claims history, including total utilized limits per illness, utilization frequency, pre-authorization requests, approved/denied claims, and reimbursement bank account details;
- Lifestyle and wellness data, including smoking habits, alcohol consumption, fitness activity logs, dietary habits, and wellness program metrics;
- Other information obtained as may be necessary or incidental to our clients and customers’ transaction/s with KAISER, its affiliates, or related parties, and such other information which KAISER receives from service providers conducting credit profiling and credit risk management.
Collection of Anonymous Information
A "cookie" is a small file stored on your computer that stores certain information about your activity on the site. We do not store personal or financial information through cookies. Cookies are used to enable our system to recognize your browser, and to determine whether you are a new or returning customer. You may elect not to allow cookies to be collected by configuring your Internet browser. However, we recommend that you turn them on, as certain features of our web sites are only available to browsers that allow cookies.
Servers. Our web servers are installed with analysis software for the purpose of analyzing our web sites' traffic. Our servers automatically record details such as your browser, IP address, time, information about the page you requested, and referring URLs.
Third-party advertisement servers. Some of our advertisers use third-party companies to serve their advertisements on our sites and, in some cases, in our HTML-formatted newsletters. Often, these third-party advertising companies employ cookie and Web bug technologies to measure advertisement effectiveness. We do not give any personally identifiable information to them as part of this relationship. Use of their tracking technology is subject to their own privacy policies.
B. Use of Personal and/or Sensitive Personal Information
KAISER uses personal information:
- To process, evaluate, and administer healthcare products and services availed of by our clients and customers, including but not limited to, enrollment, medical underwriting, membership coordination, premium billing, claim adjudications, telemedicine services, and emergency medical assistance;
- To comply with the internal processes, operational policies, and administrative procedures of KAISER, including the enhancement of our services through web traffic analysis, data aggregation of visitor demographics, and user experience optimizations;
- To comply with and carry out the functions of public authorities, which includes the processing of personal information for the performance by law enforcement, public health bodies, and regulatory agencies of their constitutionally and statutorily mandated functions, including the submission of necessary health or transaction records to the Insurance Commission (IC), National Privacy Commission (NPC), and courts of competent jurisdiction;
- To enable KAISER, its partner medical networks, and accredited providers to comply with Republic Act No. 7875 (as amended by Republic Act No. 10606 or the National Health Insurance Act), the Anti-Money Laundering Act (Republic Act No. 9160, as amended), and other applicable domestic laws, rules, or regulations governing healthcare networks and financial transactions;
- To some extent, whenever necessary to effect the contractual obligations of service providers, accredited hospitals, clinics, and medical professionals engaged by KAISER in furtherance of the purposes for which the said personal information will be used and processed;
- With your consent, KAISER may send you marketing, promotional offers, newsletters, and product-related communications through email, SMS, in-app notifications, or other available electronic channels, as well as administer voluntary interactive features such as contests, polls, and discussion boards. In certain circumstances, KAISER may also send limited service-related or product communications based on its legitimate interests, such as providing existing clients and customers with information on healthcare plans or medical network updates relevant to their current relationship with KAISER. Nonetheless, you may withdraw your consent or object to such communications at any time by updating your preferences within the application, using the unsubscribe link provided in the communication, or by contacting our Data Protection Officer. For more information on how to contact us, please refer to Section VII (Contact Us);
- To perform such other functions, processes, and activities permitted by law and/or with your consent.
C. Disclosure of Personal Information
KAISER may disclose, share, transfer, or instruct a third party or organization to disclose, share, or transfer the personal and sensitive personal information of its clients and customers obtained and described under this Privacy Notice to the following:
- Its stockholders, directors, officers, employees, medical evaluators, and duly authorized personnel, agents, affiliates, or related parties, strictly on a need-to-know basis to facilitate membership administration, medical underwriting, and claims processing;
- Accredited hospitals, clinics, diagnostic centers, physicians, specialists, nurses, and other healthcare professionals or partner institutions, for the purpose of authorizing, administering, and coordinating your medical treatments, consultations, and emergency care;
- Third-party administrators (TPAs), IT and cloud hosting providers, telemedicine platform operators, and customer support vendors who are bound by strict obligations of confidentiality and data protection agreements, and who will have access to your personal information only as necessary to perform their mandated functions under standards acceptable to KAISER;
- Authorized human resource representatives or coordinators of your employer (if your HMO coverage is provided under a corporate or group plan), strictly limited to enrollment status, utilization summaries, or billing reconciliations as permitted by law or your corporate health agreement;
- PhilHealth, for the coordination of statutory benefits and case rate deductions, the IC, the NPC, and other relevant government departments or regulatory agencies in compliance with their supervisory and statutorily mandated functions; and
- Any authority, regulator, supervisory body, law enforcement agency, court, quasi-judicial body, or tribunal in compliance with their respective legal mandates, valid subpoenas, and applicable domestic laws.
D. Retention of Personal Information
Except as otherwise provided herein, by applicable KAISER policy, or unless earlier destroyed, disposed of, or deleted upon valid written request of the client or customer in accordance with the principle of proportionality, physical and digital copies of personal and sensitive personal information collected, stored, and/or processed by KAISER shall be retained only for the duration of the validity and effectivity of the relevant HMO membership plan, contract, or healthcare service for which consent was freely given. Such information shall be retained only for as long as reasonably necessary to fulfill legitimate medical and business purposes, or as permitted or required under applicable healthcare and privacy laws and regulations. In no case shall retention exceed ten (10) years from the date of the client’s or customer’s last transaction or termination of membership, except under the following circumstances:
- retention is necessary to carry out the functions of public authorities, in accordance with a constitutionally or statutorily mandated function pertaining to public health, law enforcement, or regulatory oversight;
- retention is required for KAISER, its accredited medical networks, and healthcare providers to comply with the mandates, rules, and circulars of the IC, the Department of Health (DOH), PhilHealth, and other statutory bodies authorized by law;
- retention is necessary to establish, exercise, defend, or pursue any legal claims by or against KAISER, including medical malpractice suits, financial disputes, or claims brought by third parties that affect the personal and sensitive personal information of KAISER clients and customers; and
- retention is required for legitimate, ongoing healthcare administration and business purposes in accordance with the standards followed by the Health Maintenance Organization and insurance industries, and as consented to by the client and customer.
III. Protecting Personal Information
The processing of personal and sensitive personal information exposes our clients and customers to various operational, medical, legal, regulatory, or reputational risks. These risks are heavily present when there is gross negligence, unauthorized or illegal processing, or accidental disclosure of highly sensitive medical and personal records. KAISER is strictly committed to protecting the privacy of all information provided to it by its members, clients, and customers by maintaining rigorous physical, technical, and organizational safeguards designed to protect personal data against loss, theft, unauthorized access, disclosure, copying, use, or modification.
As part of this commitment, KAISER implements the following security protocols:
- KAISER limits data access strictly on a “need-to-know” basis. This is heavily enforced with our partner medical networks, accredited healthcare facilities, and third-party service providers performing contractual obligations. All such partners are required to execute comprehensive Non-Disclosure and Data Sharing Agreements, compelling them to treat all health and personal information with the highest degree of medical and legal diligence.
- Member files and medical charts are processed securely across both digital and physical platforms. Physical, paper-based documents are stored in centralized, locked medical filing repositories with restricted access.
- Every employee, medical coordinator, and authorized representative is provisioned with a secure, authenticated KAISER corporate email address and system login credentials. This ensures that all member transactions, medical pre-authorizations, and healthcare service processing occur strictly within legitimate, encrypted corporate channels.
- The unauthorized transfer of sensitive medical or personal data via portable storage media, cables, or unapproved external devices is strictly prohibited to mitigate the risks of unauthorized extraction, sharing, or reproduction of member data.
- We implement cutting-edge technical security controls to safeguard data transmission and storage. This includes advanced firewalls, data encryption protocols (both at rest and in transit), secure access controls, multi-factor authentication, and robust incident response procedures.
IV. Rights of a Data Subject
Under Section 16 of the Data Privacy Act of 2012, the data subject is entitled to the:
- Right to be informed. KAISER recognizes the right of data subjects to be informed when their personal information is being processed and the purpose for which the data is being processed, and be furnished with the information indicated in the processing prior entry.
- Right to object. Data subjects are given the option on whether they want their personal information processed as part of the transaction of KAISER.
- Right to Access. Data subjects are given the right to reasonable access, upon written request, to the contents of their personal information that were processed and the manner of processing this information; the sources from which these were obtained; the recipients and reasons for disclosure, if any; and the date when their information was last modified.
- Right to rectify erroneous data. Upon access, inquiry or knowledge thereof, if there is erroneous personal information processed or acquired by KAISER, the data subjects may demand that it be rectified to reflect the true and correct personal information of the data subject.
To ensure and maintain accuracy and up-to-date personal information collected and processed from our clients and customers, requests for data access and/or correction can be made by logging into your KAISER Member Portal, visiting any official KAISER Customer Care Center or Accredited Desk, or by sending a formal request through our appointed Data Protection Officer (DPO) at:
KAISER INTERNATIONAL HEALTHGROUP, INC.
Attention: Data Protection Officer
Ground Floor, Omnis Prosperity Tower, 377 Sen. Gil Puyat Avenue, Bel-Air,
Makati City
- Right to Erase or Block. All data subjects may, based on reasonable grounds, suspend, withdraw or order the blocking, removal or destruction of personal information upon discovery and substantial proof that the personal information is incomplete, outdated, false, unlawfully obtained, used for unauthorized purposes or is no longer necessary for the purposes for which it was collected. However, the foregoing shall not apply in cases of:
  - Fulfillment of the purpose/s for which the data was obtained;
  - Compliance with a legal obligation which requires personal data processing;
  - Establishment, exercise, or defense of any legal claim;
  - Legitimate business purposes of KAISER, consistent with the applicable industry standard for personal data retention;
  - To apprise the public on matters that have an overriding public interest or concern, taking into consideration the following factors:
    - constitutionally guaranteed rights and freedoms of speech, of expression, or of the press;
    - whether or not the personal data pertains to a data subject who is a public figure; and
    - other analogous considerations where personal data are processed in circumstances where data subjects can reasonably expect further processing.
  - As may be provided by any existing law, rules, and regulations.
- Right to Data Portability. Where personal information is processed by electronic means and in a structured and commonly used format, the data subject has the right to obtain from KAISER a copy of such data in an electronic or structured format that is commonly used and allows further use.
- Right to be indemnified for damages. The data subject shall be indemnified for any damages sustained due to such inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of personal information.
- Right to File a Complaint. The data subject may file a complaint or exercise his/her rights above by reaching out to KAISER through the contact details provided above. You may also raise privacy concerns to the National Privacy Commission through their official website at www.privacy.gov.ph.
To learn more about your rights as a data subject, you may visit the National Privacy Commission’s official website and review the information provided under the Data Subject section.
V. Disposal of Records
Subject to KAISER’s data retention policy and the statutory exceptions provided under the Data Privacy Act of 2012, a member or data subject may request the disposal, destruction, or blocking of their personal and sensitive personal information, including any related membership forms, medical histories, and clinical records. Such requests must be submitted either: (a) in person, at any official KAISER Customer Care Center or Accredited Desk, or (b) via a formal written or electronic notice addressed to the DPO. Upon receipt, the DPO shall endorse the request to the appropriate operations, IT, and legal departments for evaluation and secure disposition. Upon the successful and permanent destruction of the records, a Certificate of Destruction shall be issued to the data subject upon request.
Destruction and/or disposal of records may be delayed by reason of the following cases:
- Where the requesting data subject is a party to an active, pending, or ongoing healthcare claim dispute, medical malpractice suit, financial audit, or regulatory investigation;
- Where keeping the records is reasonably necessary to support an internal or external audit, or to comply with the statutory retention mandates of the IC, DOH, or PhilHealth; or
- Other extraordinary and meritorious reasons highly warranted by the circumstances, including force majeure or Acts of God, which temporarily prevent the secure execution of data destruction protocols.
VI. Amendments
KAISER reserves the right to modify, amend, or update this Privacy Notice, in whole or in part, at any time to reflect changes in our internal corporate policies, advancements in security frameworks, shifts in HMO industry practices, or updates to relevant healthcare laws and regulations.
Any such changes or updates will become effective immediately upon posting. KAISER will notify its members and clients of significant revisions by publishing the updated notice on our official website, broadcasting announcements through the KAISER Member Portal or mobile application, or deploying official electronic communications (such as email notices). We encourage our clients and customers to periodically review this Privacy Notice to remain informed on how we continuously safeguard and protect your personal and sensitive medical information.
VII. Contact Us
For any inquiries, clarifications or requests on any aspect of this KAISER Privacy Notice, please visit any of our official KAISER Customer Care Centers or Accredited Desks or call us through the link on our website. You may also write to our Data Protection Officer at:
DATA PROTECTION OFFICER
Kaiser International Healthgroup, Inc.
Ground Floor, Omnis Prosperity Tower, 377 Sen. Gil Puyat Avenue, Bel-Air,
Makati City
dpo@kaiserhealthgroup.com
Last update: 19 June 2026