Philippine WHO says it does not gather, retain personal data of Filipinos
Amid allegations, the Philippine office of the World Health Organization (WHO) on Friday responded to reports of an alleged breach in a WHO database, asserting that it neither collects, processes, nor stores personal data of Filipinos. The statement clarified that the WHO lacks access to individual personal data, which is under the exclusive jurisdiction of governments.
The WHO emphasized that it does not handle personally identifiable information related to COVID-19 immunization, such as names, email addresses, or phone numbers.
During the pandemic, the organization collected aggregated data from national health authorities globally, focusing on population-level statistics, including overall COVID-19 infections, deaths, and vaccine doses administered.
Addressing claims of a data breach linked to WHO or its databases, the statement categorically declared them as false and inaccurate. The WHO reaffirmed its commitment to principles of personal data protection as outlined in the United Nations Principles on Personal Data Protection and Privacy.
Earlier, the Department of Information and Communications Technology (DICT) offered assistance to the WHO in investigating the alleged breach that reportedly compromised COVID-19 vaccination data from the Philippines and India.
The DICT spokesperson mentioned that the extent of the breach remains unclear, and access to WHO's records is pending. The international nature of the agency poses jurisdictional challenges, and any participation in the investigation would depend on the WHO's request.