DRMed Clinic & Laboratory
Book Now

Legal

Data Privacy Notice

How DRMed Clinic and Laboratory handles your personal data under the Philippine Data Privacy Act of 2012 (RA 10173).

Last updated: April 29, 2026

This notice explains how DRMed Clinic and Laboratory collects, uses, stores, and protects personal data in compliance with the Data Privacy Act of 2012 (RA 10173) and applicable NPC issuances.

1. Personal Information Controller

DRMed Clinic and Laboratory
4/F DRMed Clinic & Laboratory, Northridge Plaza, Congressional Avenue, Quezon City
Mobile: 0916 604 3208
Telephone: (02) 8 355 3517

2. Personal Data We Process

  • Patient identification details (for example: name, DRM-ID, and portal login details).
  • Laboratory transaction information (for example: test names, dates, status, and released reports).
  • Security metadata (for example: timestamp, hashed IP and hashed user-agent for consent and access logging).

3. Purpose of Processing

  • Verify patient identity for secure release of test results.
  • Provide laboratory report access and test status tracking.
  • Maintain service security, fraud prevention, and audit trail records.
  • Comply with legal, regulatory, and medical record obligations.

4. Legal Basis

Processing is based on consent, fulfillment of healthcare service obligations, legitimate interests in securing systems, and compliance with legal obligations under Philippine law.

5. Data Sharing

Data may be processed by authorized service providers used for operations (such as secured cloud hosting, document storage, and anti-bot protection) under confidentiality and data protection controls. Data is not sold to third parties.

6. Retention

Data is retained only as long as necessary for medical, legal, and operational purposes, and disposed of securely based on DRMed retention schedules and legal requirements.

7. Your Rights as Data Subject

  • Right to be informed
  • Right to access
  • Right to object
  • Right to rectification
  • Right to erasure or blocking, when legally applicable
  • Right to data portability, when applicable
  • Right to damages and complaint

8. Security Measures

DRMed implements administrative, physical, and technical safeguards including access controls, secure transmission, rate limiting, and audit logging for portal activities.

9. Consent and Portal Access Logs

When you submit portal credentials and accept this notice, we may record consent metadata such as DRM-ID, timestamp, privacy notice version, and hashed client identifiers for compliance and security verification.

10. Updates to This Notice

We may update this notice from time to time. The latest posted version on this page applies.

11. Contact for Privacy Requests

For privacy-related requests (access, correction, or complaints), contact DRMed through the numbers listed above or through our contact form.