The National Privacy Commission has issued a stern warning to individuals involved in processing and disseminating leaked personal data from the Philippine Health Insurance Corp. (PhilHealth), cautioning them about potential criminal charges.
In a statement released on Tuesday, the NPC highlighted that personal data exfiltrated from PhilHealth is currently being shared illicitly.
The commission emphasized the gravity of the situation and the severe consequences that await anyone found processing, downloading, or sharing this data without proper authorization or a legitimate purpose.
According to Section 25 of the Data Privacy Act of 2012, individuals found guilty of unauthorized processing of personal information may face imprisonment for up to three years and a fine ranging from P500,000 to P2 million.
Even more severe penalties apply to unauthorized processing of sensitive personal information, which carries a potential imprisonment of three to six years and a fine ranging from P500,000 to P4 million.
The NPC stressed that sharing leaked data exposes affected individuals to various risks, including identity theft, fraud, extortion, blackmail, and other malicious activities.
Therefore, the commission urged the public to report any instances of leaked data to the appropriate authorities, including the NPC and law enforcement agencies.
Additionally, the NPC called upon personal information controllers and processors to strengthen their data protection measures to prevent similar breaches from occurring in the future.
Source: PhilNews24 | October 10, 2023
