THE Philippine Health Insurance Corporation (Philhealth) has disabled access to all its systems, including its websites, Health Care Institutions, Member Portal and e-claims as part of the “information security containment measures” being implemented by the agency following the security breach detected last week.
In a statement, the Philhealth said affected systems will immediately be restored after the completion of the needed configuration and reinforcement of existing information security measures.
“PhilHealth's Management assures the public that the incident is under control and that no personal information and medical information have been compromised or leaked,” it said.
“We have already coordinated with the Department of Information and Communication Technology (DICT), National Privacy Commission (NPC), Cybercrime Units of the National Bureau of Investigation (NBI), and the Philippine National Police (PP) to conduct forensic investigation and assessment,” it added.
The agency said members and their qualified dependents will continually be entitled to the benefits of the National Health Insurance Program (NHIP) with the submission to accredited healthcare providers a photocopy of the member's PhilHealth Identification Card (PIC) or Member Data Record (MDR) or any identified acceptable supporting documents.
It said self-earning individuals and professionals paying their premium contributions may pay directly to PhilHealth's existing Accredited Collecting Agents with over-the-counter payments.
Philhealth advised healthcare facilities to continue the deduction of benefits and devise temporary arrangements with patients.
The filing of claims is extended to another 60 days for claims covering June 1, 2023 to September 30, 2023.
Employers may submit their reports once the Electronic Premium Remittance System (EPRS) has been restored.
Philhealth said transactions and processes that can be done manually are continuous.
As reported, the Medusa ransomware, which infected the Philhealth system, is demanding $300,000 or around P16 million in order for them to delete the data they have captured and give the Philippine authorities the key to decrypt the data they have encrypted. (SunStar Philippines)