HEALTH Secretary Teodoro Herbosa Jr. yesterday said the reassignment of some officials of the Philippine Health Insurance Corporation (PhilHealth) is on hold pending a legal opinion from the Governance Commission for Government-owned or Controlled Corporations (GCG).
Herbosa said the Commission on Elections (Comelec) has already approved his request for the exemption of the transfer of the PhilHealth officials after some members of the board of the state insurance firm lost confidence on the executive committee members due to their “observed incompetence, gross negligence, and ineffective leadership.”
Herbosa said PhilHealth’s president and CEO Emmanuel Ledesma had asked for more time to implement the order to clarify the legalities of the transfer with the GCG.
Herbosa, who is a non-voting member of the PhilHealth board, said it was a unanimous decision of the board.
“They were dismayed because of the recent Medusa Act, because I think part of the problem was the antivirus was not updated, and plus they cited many other instances in the past — the delayed publication for the dialysis, et cetera,” he said in explaining the cause for the reassignments.
Affected by the reshuffle will be Chief Operating Officer Eli Dino Santos, Assistant Senior Vice President Nerissa Santiago and senior vice presidents Jovita Aragona, Renato Limsiaco, Jose Mari Tolentino, Dennis Mas and Israel Francis Pargas who have all denied the complaints against them.
At the same time, Herbosa said an investigating committee would determine if there was gross negligence on the part of PhilHealth officials in relation to the Medusa cyberattack that exposed the data of millions of the insurance firm’s members.
He assured that due process would be observed.
PhilHealth has said that the delay in renewing the agency’s antivirus software because of new government procurement rules had led to the data breach.
The hackers demanded $300,000 or around P16 million after the Medusa ransomware infected the PhilHealth systems in September.
Herbosa said a PhilHealth crisis committee would be formed and tasked to inform all members whose data were compromised during the attack.
“They have to inform all of them that your data has been breached and change your password and everything. Be careful of phishing expeditions by hackers that can clean up your bank account, because they know your birthday, your ID, etc,” he said.
He said PhilHealth is also ensuring that there is a business continuity plan that would ensure that all the billing, member’s dues and payments, and premiums are still being accepted.
