General Policy Declaration

Mount Carmel Diocesan General Hospital (MCDGH) established this Data Privacy Policy to demonstrate that we recognize and value your privacy rights. Our Hospital is dedicated to guarding and securing personal information and protecting the rights of our data subjects (ex. patients, doctors, employees, outsourced personnel, suppliers, partners, and other stakeholders) in compliance with the Data Privacy Act of 2012 (Republic Act No. 10173) and its Implementing Rules and Regulation.

As healthcare institution, we observe maximum compliance with the sternest standards of security and confidentiality concerning all personal information and data submitted by our data subjects.


This Data Privacy Policy applies to all Personal Information we gather on our website,

We have prepared this Privacy Policy to recognize how our hospital generate, uses, and pursues to safeguard the Personal Information you provide on our websites, email, and through our service providers and sharing partners. This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices of any third party, including any third-party distribution partners, suppliers and other operators, and any third party operating any site to which our websites contain a link. By downloading, accessing or using our websites, or providing information to us in connection with our websites, you agree to the terms and conditions of this Privacy Policy.

Personal Data We Collect

“Personal Data” refers to all types of personal information, sensitive personal information and privileged information under the Data Privacy Act of 2012 and its Implementing Rules and Regulations, such as but not limited to the following:

  • Personal information such as complete name, birthdate, age, gender, civil status, nationality, religion, occupation, medical insurance membership, and affiliations.
  • Personal information such as address, telephone number (including home and mobile phone numbers), and Email address.
  • All medical information and health issues which you voluntarily provide to us in connection with your diagnostic tests, medical consultation, procedures, and treatment.

And such other additional information that will be required in relation with herein declared purpose and use of information.

Personal Information of Minors and Mentally Challenged Individual

If the Personal Information was provided by a minor or one who is not mentally capable of entering into contractual transactions without parental or guardian consent, the parent or guardian shall be responsible in giving the consent required under this Data Privacy Policy.

If you provide us or our medical service providers with Personal Information of other people in connection with the medical services we offer, you hereby represent that you have the authority to do so and have secured consent to permit us to use the information in accordance with this Data Privacy Policy.

We may use software tools, applications, and other forms of data collection technology that automatically collect information that can be retrieved from publicly disclosed Internet data, social media sites, and web applications.

How We Use and Protect Your Personal Information

When you requested and secure MCDGH’s medical services, we may collect personal information that is provided to us voluntarily. The collected personal information is used for standard and special medical processes to provide quality health services such as:

  • To perform our duties, responsibilities, exercise its rights, and conduct its functions as a medical, research, and training institution;
  • To conform with all legal, regulatory, administrative or juridical requirements including but not limited to contracts, audit, reporting and transparency requirements;
  • To conduct marketing activities including sending out of email and SMS, for our medical products and services.

The MCDGH adopts reasonable technical approaches and measures to safeguard the collected personal information. However, please also note that no method of information systems security and technique is completely secure. Transmission of data over the Internet or information stored on servers that are accessible online is not 100% safe and secure. While we are trying our best to safeguard your personal data, we cannot guarantee its absolute security.

To Whom Do We Share Your Personal Information

Your personal information will not be disclosed to any third party without your express or implied consent. You may ask us to discontinue collecting, using, and sharing your personal information at any time. However, your personal information may be disclosed even without your consent if the disclosure is required by law to access as part of an investigation into technical problems or unauthorized use.

When we share your personal information with our partners, vendors and other service providers, and government agencies who need access to such information, we ensure that these partners, vendors and other service providers, and government agencies are bound to us by a non-disclosure agreement that prohibits them from using your personal information for any purpose other than fulfilling their obligations to the MCDGH.

How long do we store/retain your personal information?

Your personal data shall be retained only for the period necessary to serve the purpose it is collected or as required under any contract, by applicable law, or policy issuance. Thereafter, your personal information shall be disposed of securely to prevent further processing, unauthorized access, or disclosure to any other parties.

Rights of Data Subject

The MCDGH implements suitable system, technical, physical, and organizational security measures to protect the Personal Information provided to us. We are using different security methods and techniques such as secure servers, upgraded firewalls, and encryption in safeguarding the storage of data. These safeguards are frequently revisited to ensure its full protection against unauthorized disclosure and access of your information, and to preserve the accuracy and integrity of the all data.

Cyber Security and Storage Measures

You are assured with specific rights as a Data Subject relevant to your personal data under the Data Privacy Act of 2012, which includes:

  • The right to be informed of the collection and processing of data.
  • The right to object to collection processing of data.
  • The right to access your personal data.
  • The right to modify inaccurate data.
  • The right to erasure or blocking of data.
  • The right to damages for unlawfully obtained or unauthorized use of personal data.

If you like to access to your personal information into our records, or you think that such personal information we have about you is incomplete, not up-to-date, or otherwise inaccurate, you may make the necessary modification by contacting us.

Changes to Our Privacy Policy

This Data Privacy Policy may be amended from time to time in order to maintain compliance with the law and reflect any changes to our data collection process by posting updated policy contents on the relevant Site, and your continued use of our Sites and services constitutes your consent to those changes.

Cookie Declaration

Cookies are the small data files we write into your device when you visit our website. We use cookies so you may access our website with full functionality and an excellent user experience. You may opt not to receive cookies by not accepting or disabling them in your web browser configuration. Keep in mind, however, that by doing such, you may not be able to use our website’s full features.

Our website may contain links to third-party websites that may also use cookies. Should you use those links and leave our website, please note that we have no control over such third-party sites, and their data privacy policy shall govern your use of their site.


If you have any complaints about how we process your personal data, please don’t hesitate to directly contact us through the Contact Details Section for us to resolve the issue. If you fell we have not addressed your concern in a satisfactory manner you may contact the Administrative Department.

Contact Details:

If you have inquiries or concerns, you can contact our Data Protection Officer @


We use cookies to ensure that we give you the best experience on our website. By continuing to browse out site, you are agreeing to our use of cookes.