MYCURE is DPA Compliant

MYCURE has been extremely mindful of data privacy way before the buzz began.

As our developers prepared to take on the daunting and exhilarating task of creating the perfect app for doctors, they studied international and national privacy laws, including HIPAA (Health Insurance Portability and Accountability Act of 1996), the DPA (Data Privacy Act of 2012), and even studies on Health Information Privacy in the Philippines.

We wholeheartedly agree with the terms and conditions set by these laws. So much so, that our language and culture within the company has adapted accordingly. “Data subject, PIC, PIP, DPO, DPS, PIA, PMP, and NPC” are just some of the words we’ve added to our office vocabulary.

More than words, we’ve added documents and protocols to ensure that while we comply with the DPA we allow our partners and clients to comply as well.

We encourage all our users to register.

We believe that registering as a Data Protection Officer with the National Privacy Commission, adds a relevant level of accountability and protection to doctors and patients alike. As a DPO, you will gain access to all the resources and reminders that the NPC rolls out. We even created a special DPA Dashboard for users who sign up today within MYCURE Version 4 and we made an audio-visual guide for MYCURE Version 3 users. We also make ourselves available for Data Privacy-related questions through our e-mail: privacy@mycure.md.

We stay true to our purpose.

There is no fine print. When we tell you that we are a tech & design company that builds Clinic Management Systems, then our actions will reflect that. The data we ask from you are solely for the purpose of identifying you as a unique user, validating your standing as a Physician or Clinic Administrator, and allowing you to use our system flawlessly. Any additional information we acquire will be from the meetings and conversations we are bound to have, but those can be likened to relationship-building and you can be assured of its confidentiality.


You can control how the relationship moves forward.

At the end of the day, while we want you to feel that this is a friendly relationship we have, it is truthfully a business. And in business, the customer is king! If you feel uncomfortable sharing certain information with us or you feel that we don’t really need that information, please let us know. We will either explain to you the necessity of the information or we will revise our privacy policy accordingly. Another relationship advice: Communication is key!

We are not alone behind this operation.

MYCURE has enlisted third-party service providers to ensure that our servers, database, cloud storage, customer service and other knick-knacks are top-notch. You can request a copy of our Privacy Manual to see the other companies we work with. Don’t fret just yet, we assure you that we do not share your personal information with them. Even if we did, they are also bound by the DPA and/or we would have Data Sharing Agreements in place.

We adopt and advocate top-of-the-line security measures.

When it comes to data privacy and security, there is always room for improvements. There are three levels in which to implement security measures: organisational, physical, and technical. We have made it our responsibility to inform our clients of the many ways they can comply to the DPA, and we continue to make ourselves available for support.

MYCURE is a practitioner and advocate of Data Privacy, and part of our business objective is to ensure that our users are also practitioners and advocates. Data, especially health data, is too valuable to leave unprotected. MYCURE envisions a future wherein data becomes so secure, that interoperability and universal health record become the norm.

Join us in our mission to make it easier to save lives.

Disclaimer: While we are DPA compliant, we do not claim authority within the Data Privacy Law. It is always best to consult directly with NPC for the most accurate and up-to-date information. In addition to that, being DPA compliant does not mean that we are 100% protected from security breaches, but it does mean we will remain transparent and responsive to them in the rare event that they occur.