• The Korean Society of Law and Medicine
• /
• v.22 no.4
• /
• pp.3-35
• /
• 2021

Inmitten der Flut der privaten und öffentlichen Information gilt die riesige Informationsmenge als Schlüsselressource im Zeitalter der 4. industriellen Revolution, repräsentiert durch Big-Data. Das Interesse an diesen wächst weltweit. Es gibt eine aktive Diskussion darüber, wie man Daten sichert und akkumuliert und wie man die gesammelten Daten sicher und effektiv nutzt. Gesundheitsdaten werden vor allem als die wertvollste Ressource bewertet, für die Big-DataTechnologie eingesetzt wird. Um Gesundheitsdaten sinnvoll zu nutzen, müssen verteilte Gesundheitsdaten integriert und den Benutzern in einer Form zur Verfügung gestellt werden, die für Forschung oder Inspektion verwendet werden kann. In einer Situation, in der große Länder um den Aufbau bzw. die Führung der Datenwirtschaft konkurrieren, wurden im August 2020 auch in Südkorea die sog. „3-Daten-Gesetze" geändert, die das Datenschutzgesetz(DSG) enthälten. Das DSG führte das Konzept der pseudonymen Informationen ein und baute eine Rechtsgrundlage für deren Verwendung auf. Als Folgemaßnahme kündigte die, Kommission für den Schutz personenbezogener Daten(Personal Information Protection Commission: PIPC)' die „Richtlinien für die Bahandlung mit pseudonymen Informationen" und, Ministerium für Gesundheit und Wohlfahrt' die „Richtlinien für die Verwendung von Gesundheitsdaten" an. Gesundheitsdaten stehen direkt in Zusammenhang mit Leben und Körper des Menschen und damit enthalten viele sensible Daten. Es handelt sich also um ein System, das aus einer vorsichtigeren und konservativeren Sicht unter der Voraussetzung verwendet werden kann, personenbezogene Daten sicherer zu schützen. Um die Hauptinhalte der „Richtlinien für Verwendung von Gesundheitsdaten" zu analysieren, überprüften wir zunächst die Hauptinhalte des überarbeiteten DSG. Danach durch die Analyse der wesentlichen Inhalte der „Richtlinien für Verwendung von Gesundheitsdaten" wurden Probleme wie Konflikte mit anderen Gesetzen und Verbesserungsmaßnahmen überprüft.

• The Korean Society of Law and Medicine
• /
• v.22 no.3
• /
• pp.31-55
• /
• 2021

The Personal Information Protection Act, one of the revised 3 Data Laws, established a special cases concerning pseudonymous data. As a result, a personal information controller may process pseudonymized information without the consent of data subjects for statistical purposes, scientific research purposes, and archiving purposes in the public interest, etc. In addition, as a follow-up to the revised Personal Information Protection Act, a 'Guidelines for Utilization of Healthcare Data' was prepared, which deals with the pseudonymization in the medical sector. The guidelines are meaningful in that they provide practical criteria for accomplices by defining specific interpretations and examples that take into account the characteristics of healthcare data. However, the guidelines need to clarify the purpose of using pseudonymous data and strengthen the fairness of the composition of the data deliberation committee. The guidelines also require establishing a healthcare data compensation framework and strengthening the protection of rights for vulnerable subjects. In addition, the guidelines need to be adjusted for inconsistency with the Bioethics and Safety Act and the Medical Service Act. It is expected that this study will contribute to the creation of a safe environment for the utilization of healthcare data as well as the improvement of related laws and systems.

• The Journal of Bigdata
• /
• v.2 no.2
• /
• pp.67-74
• /
• 2017

The use of Bigdata plays an important role in all areas of society. Especially in the health care field, the role of Bigdata is very considerable because it deals with people's life and health. However, the interest and awareness of quality control of medical data is markedly low. Because the low-quality medical Bigdata leads to national loss and public health impairment, quality control of medical Bigdata is needed. The purpose of this research is to present the direction of medical Bigdata quality management by examining literature and cases of domestic and foreign medical Bigdata quality management practices. In addition, as a case of medical Bigdata quality control in the Y medical institution in Korea, activities of a Bigdata quality management TFT and results of a survey conducted for major data users in the hospital were presented.

• The Korean Society of Law and Medicine
• /
• v.22 no.4
• /
• pp.117-157
• /
• 2021

This research reviewed the HIPAA/HITECH, 21st Century Cures Act, Common Law, and private Guidances from the perspectives in protecting and utilitizing the medical data, while implications were followed. First, the standards for protection and utilization are relatively clearly regulated through single law on personal medical information in the United States. The HIPAA has been introduced in 1996 as fundamental act on protection of medical data. Medical data was divided into personally identifiable information, non-identifying information, and limited dataset under HIPAA. Regulations on de-identification measures for medical information, objects for deletion of limited data sets, and agreement on prohibition of data re-identification were stipulated. Moreover, in the 21st Century Cures Act regulated mutual compatibility for data sharing, prohibition of data blocking, and strengthening of accessibility of data subjects. Common Law introduced comprehensive consent system and clearly stipulates procedures. Second, the regulatory system is relatively simplified and clearly stipulated in the United States. To be specific, the expert consensus and the safe harbor system were introduced as an anonymity measure for identifiable medical information, which clearly defines the process while increasing trust. Third, the protection of the rights of the data subject is specified, the duty of explanation is specified in detail, while the information right of the consumer (opt-out procedure) for identification information is specified. For instance, the HHS rule and FDA regulations recognize the comprehensive consent system for human research, but the consent procedure, method, and requirements are stipulated through the common rule. Fourth, in the case of the United States, a trust-based system is being used throughout the health and medical data legislation. To be specific, Limited Data Sets are allowed to use in condition to the researcher's agreement to prohibit re-identification, and de-identification or consent process is simplified under the system.