• Korea Journal of Hospital Management
• /
• v.8 no.2
• /
• pp.111-129
• /
• 2003

This study discusses the direction of legislation to strengthen the legal protection of medical records privacy in information age. The legislation trends on privacy protection of medical records in European Union and United States are analysed and the current law and regulation of Korea on medical records are compared. The issues discussed include the ownership of medical records, the patient's right of access to medical records, medical information publication for other than treatment or insurance processing use, confidentiality responsibility of provider organizations, medical information management in provider organizations, penalty for the unlawful use of patient information. This study concludes that the patients' right on medical record and provider organization's responsibility in processing patient information should be strengthened in order to protect patients' privacy and to conform to the international standard on medical record protection in the information age.

• The Journal of the Korea Contents Association
• /
• v.16 no.1
• /
• pp.585-594
• /
• 2016

This study is aimed at researching and analyzing the students' recognition and practice of the patents medical information, who are majoring in medical records and will be working as medical records technician, letting them recognize the importance of information, and at offering basic data required for development of medical records curriculum and for establishment of medical records protection policy. This study was conducted from 18th May through 6th June 2015, targeting 340 students enrolled four universities, by t-test, variance analysis, Pearson correlation analysis and multiple regression analysis. As a result of this study, the point of protection recognition and practice recognition is 3.55 and 3.49, respectively, out of 5. With regard to recognition of medical information protection, there was a significant difference in grade, satisfaction for major, experience of medical information protection education and recognition of law, while for recognition of practice, in grade, satisfaction for major, educational experience and damage of medical information exposure. Recognition of protection and recognition of practice had a significant static correlation, and recognition of information exposure, recognition of social issue and recognition of legal system had significant positive effect on recognition of practice. In order to raise the recognition of protection and recognition of practice, based on this study, it is considered necessary for the universities to educate the damage of medical information exposure and importance of medical records management, and to raise the students' recognition.

• The Journal of the Korea Contents Association
• /
• v.14 no.11
• /
• pp.164-174
• /
• 2014

The purpose of this study is to explore ways to resolve the conflicting issues that are currently applied in medical Act and medical privacy Act through the comparative Analysis of the Privacy Act and the Medical Information Protection Act foreign. the results run to establish the Public Health Act coming for the protection of health information is a characteristic of many countries, France in Europe, the United States and Canada had been running an independent medical information laws are enacted. Prescribes penalties of up to a fairly systematic method from the case records of patients would not have occurred in the management and implementation of the law and the protection of the author of the book focuses on the subject of medical records and physician records between patient confidentiality and privacy it can be seen that the method defined in. This indicates the need for the establishment of an independent medical information laws to protect all records relating to the patient systematically Korea also.

• The Korean Society of Law and Medicine
• /
• v.13 no.1
• /
• pp.359-395
• /
• 2012

In a broad term, health and medical data means all patient information that has been generated or circulated in government health and medical policies, such as medical research and public health, and all sorts of health and medical fields as well as patients' personal data, referred as medical data (filled out as medical record forms) by medical institutions. The kinds of health and medical data in medical records are prescribed by Articles on required medical data and the terms of recordkeeping in the Enforcement Decree of the Medical Service Act. As EMR, OCS, LIS, telemedicine and u-health emerges, sharing and protecting digital health and medical data is at issue in these days. At medical institutions, health and medical data, such as medical records, is classified as "sensitive information" and thus is protected strictly. However, due to the circulative property of information, health and medical data can be public as well as being private. The legal grounds of health and medical data as such are based on the right to informational self-determination, which is one of the fundamental rights derived from the Constitution. In there, patients' rights to refuse the collection of information, to control recordkeeping (to demand access, correction or deletion) and to control using and sharing of information are rooted. In any processing of health and medical data, such as generating, recording, storing, using or disposing, privacy can be violated in many ways, including the leakage, forgery, falsification or abuse of information. That is why laws, such as the Medical Service Act and the Personal Data Protection Law, and the Guideline for Protection of Personal Data at Medical Institutions (by the Ministry of Health and Welfare) provide for technical, physical, administrative and legal safeguards on those who handle personal data (health and medical information-processing personnel and medical institutions). The Personal Data Protection Law provides for the collection, use and sharing of personal data, and the regulation thereon, the disposal of information, the means of receiving consent, and the regulation of processing of personal data. On the contrary, health and medical data can be inspected or delivered of the copies, based on the principle of restriction on fundamental rights prescribed by the Constitution. For instance, Article 21(Access to Record) of the Medical Service Act, and the Personal Data Protection Law prescribe self-disclosure, the release of information by family members or by laws, the exchange of medical data due to patient transfer, the secondary use of medical data, such as medical research, and the release of information and the release of information required by the Personal Data Protection Law.

• Journal of Korean Society of Archives and Records Management
• /
• v.13 no.3
• /
• pp.151-171
• /
• 2013

To comprehend the importance and necessity of record management metadata standard implemented in an electronic medical records system, a survey was undertaken to 50 medical records managers in charge of 5 major hospitals in Seoul. Analysis of the survey results was performed by averaging the responses given by those who answered the survey. SPSS was utilized for statistical analysis. Managers of medical records placed importance on metadata that are related to security of records, such as "levels of security", "types of access to medical records", "levels of authorization granted to personnel", and "users accessing medical records". It shows that these managers need the functions of privacy protection in ERMS. Metadata on "external disclosure" had the lowest level but those surveyed with more than 7 years of experience placed greater importance in this area more those surveyed with less than 7 years of experience in a hospital. This shows that managers need the functions of external disclosure to meet the needs of third partiesfor medical research and medical education.

• The Korean Society of Law and Medicine
• /
• v.9 no.2
• /
• pp.339-382
• /
• 2008

Medical information is one of significant private information that includes in-dividual's own diverse information. Once opened, it exposes one's health condition and medical history to a third party, which could bring about serious troubles. On this account, the third parties are of much concerns about the information. If medical information collected through various routes is used with another purpose, oilier than the initial intention, it might cause serious results beyond one's control. Thus, it is essential to keep the information confidential. Also, the discrimination based on the medical information ought to be banned because it is likely to happen that exposed information socially stigmatizes a person, being discriminated in a work place or a school when he/she is employed or gets an insurance. In the current system, only medical institutions are responsible for protecting or securing medical records. Despite the information technology development and the increased interests in medical information, there are quite a few limitations in legal, technical, and administrative aspects. All kinds of organizations, involved in collecting and using the information, as well as medical institutions primarily producing and managing it should share the responsibilities.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.05a
• /
• pp.695-697
• /
• 2013

Medical data sharing is increasing due to treatment duplication which increases the cost of medication. Medical healthcare system has been improved to combine with cloud computing. It reduces treatment delay and the medical data error. However, the concern about the privacy protection of medical information is also significant. Medical information is more sensitive than other information because involuntary disclosure can affect in both personal and social life. Privacy cloud brokerage has conquered great attention for solving these problems. Our method provides a security model in the cloud computing environment that facilitates the exchange of medical records between assigned custodians. It allows doctors to obtain a complete patient medical records which can help to avoid duplication, reduce the medical error and healthcare cost as well. In addition, our method offers a trustworthy solution against the privacy violence.

• The Journal of Korean Academic Society of Nursing Education
• /
• v.22 no.1
• /
• pp.83-95
• /
• 2016

Purpose: This study aims to identify perception, performance, and the related factors of performance in regards to patients' medical information protection among allied health college students. Methods: Four hundred twelve subjects from three colleges located in Jeonbuk and Kyungbuk province consented to participate. Data was collected from November 28 to December 15, 2012. To assess perception and performance in regards to patients' medical information protection, a self-reporting questionnaire was used. Data was analyzed via SPSS 18.0 program. Results: The score of perception and performance about patients' medical information protection were 4.07 and 3.56, respectively. All item's scores of performance were significantly lower than those of perception. The perception score was significantly different according to recognition of hospital ethics code (t=1.95, p=.052), and recognition of association ethics code (t=2.88, p=.004). The performance score was significantly different according to gender (t=-3.32, p=001), major (F=14.41, p<.001), clinical practicum hospitals (F=8.22, p<.001), and method of electronic medical record access (F=3.23, p=.023). The factors influencing performance were perception(${\beta}=.46$, p<.001), duration of clinical practice(${\beta}=-.36$, p<.001), and gender(${\beta}=.09$, p=.033). Conclusion: In order to improve performance in regards to patients' medical information protection of allied health college students, we should develop ethical education programs and standardize them through multidisciplinary collaboration.

• The Korean Society of Law and Medicine
• /
• v.21 no.2
• /
• pp.75-103
• /
• 2020

There is a growing voice that medical information should be shared because it can prepare for genetic diseases or cancer by analyzing and utilizing medical information in big data or artificial intelligence to develop medical technology and improve patient care. The utilization and protection of patients' personal information are the same as two sides of the same coin. Medical institutions or medical personnel should take extra caution in handling personal information with high environmental distinct characteristics and sensitivity, which is different from general information processors. In general, the patient's personal information is processed by medical personnel or medical institutions through the processes of collection, creation, and destruction. Still, the use of terms related to personal information in the Medical Service Act is jumbled, or the scope of application is unclear, so it relies on the interpretation of precedents. For the medical personnel or the founder of the medical institution, in the case of infringement of Article 24(4), it cannot be regarded that it means only medical treatment information among personal information, whether or not it should be treated the same as the personal information under Article 23, because the sensitive information of patients is recorded, saved, and stored in electronic medical records. Although the prohibition of information leakage under Article 19 of the Medical Service Act has a revision; 'secret' that was learned in business was revised to 'information', but only the name was changed, and the benefit and protection of the law is the same as the 'secret' of the criminal law, such that the patient's right to self-determination of personal information is not protected. The Privacy Law and the Local Health Act consider the benefit and protection of the law in 'information learned in business' as the right to self-determination of personal information and stipulate the same penalties for personal information infringement such as leakage, forgery, alteration, and damage. The privacy regulations of the Medical Service Act require that the terms be adjusted uniformly because the jumbled use of terms can confuse information subjects, information processors, and shows certain limitations on the protection of personal information because the contents or scope of the regulations of the Medical Service Law for special corporations and the Privacy Law may cause confusion in interpretation. The patient's personal information is sensitive and must be safely protected in its use and processing. Personal information must be processed in accordance with the protection principle of Privacy Law, and the rights such as privacy, freedom, personal rights, and the right to self-determination of personal information of patients or guardians, the information subject, must be guaranteed.

• Journal of Digital Convergence
• /
• v.10 no.4
• /
• pp.279-286
• /
• 2012

The purpose of this study was identified the influence of introducing Electronic Medical Records (EMR) on reception attitude, based on literature investigation, the study converted utility and serviceability from Davis TAM Model into awareness of effects in computerized database except attitude variable. The electronic survey for doctors, nurses, medical technicians of a general hospital located in Gangwon-do was performed for 4 weeks from Nov, 11th, 2009 to Dec, 2nd and the collected data was computerized through SPSS 12.0. The factors influencing reception attitude were divided into 4 categories; basic characteristics of the individual, awareness of privacy protection, awareness of effects in computerized database, technological preparation and measured detailed specific variables. As the result of this, the factors influencing reception intention were different depending on recognizing the effectiveness caused by computerization of medical information. Especially, in terms of the difference between basic characteristics of the individual and awareness of privacy protection, there were significant distinctions among 3 sectors; general, transactional, online information management. The significant effects were identified from information management related to business or online information management depending on experiencing security education.