Share on facebook
Facebook
Share on twitter
Twitter
Share on email
Email

After COVID care

The Commission on Audit raised the alarm that the online database system maintained by the government for its implementation of the COVID-19 National Vaccination Program (CNVP) could expose sensitive information of the public to possible breaches, as it recommended improvements in cybersecurity in the government’s Vaccine Information Management System (VIMS).

The VIMS was maintained by the government in connection with its implementation of CNVP in 2021 to 2022, pursuant to Republic Act 11525 or the COVID-19 Vaccination Program Act. The VIMS was mainly used to measure the daily vaccination accomplishments and served as a database of inoculated individuals by the local government units.

“The audit revealed significant weaknesses in the VIMS regarding data input, processing, access controls, logging functionality, and adherence to data privacy requirements. These deficiencies resulted in the entry of invalid, inaccurate, and duplicate data, increasing the risk of unauthorized access to the sensitive personal information of millions of Filipinos,” the COA report read.

The COA said among the information contained in the VIMS which were exposed to possible breaches include personal data coming from the health declaration forms and consent forms filled out by beneficiaries, such as name, birthday, mobile number, address, and medical history.

“The lack of NDAs (non-disclosure agreements) further exacerbates this risk, potentially leading to data breaches and non-compliance with the Data Privacy Act of 2012,” it added.

Even when it was an emergency then, and Filipinos had no choice but to give up their personal data in order to avail of COVID vaccines being given by their government, the concern for the security and privacy of the data being surrendered was always at the back of the minds of those who were aware of such issues. The COA raising the alarm on the exposure of that data to possible breaches is a reminder of that valid concern that has now made it to the fore, now that humanity has survived the pandemic.

The pandemic may be over, but the personal data that was surrendered and collected by the government remains under its custody and stewardship. Just because our guard has been relaxed as far as COVID-19 is concerned, it doesn’t mean the same goes as far as the safekeeping is concerned for the personal data that our government has collected, kept, and remains responsible for.

Hopefully our personal data gets the same attention and security as the government gives its own data and state secrets.*

ARCHIVES

Read Article by date

February 2025
MTWTFSS
 12
3456789
10111213141516
17181920212223
2425262728 

Get your copy of the Visayan Daily Star everyday!

Avail of the FREE 30-day trial.