【醫療行政法】健保資料庫行政訴訟案:個資保護與健保資料之跨機關流動及二次利用【學習式判解評析】 試閱
A Case Study of National Health Insurance Research Database (NHIRD) Lawsuit: Data Sharing and Secondary Use of National Health Insurance Data between Government Agencies and the Protection of Personal Information
衛生福利部中央健康保險署於辦理全民健保業務時,將其所蒐集之全國民眾納保與就醫資料,釋出予第三者建置健康資料庫,並供學術研究等目的外利用,但該行為卻引起資訊自主與資訊隱私保障之爭議,後續並有相關訴訟之提起。雖然中央健康保險署強調該行為係為提升醫療衛生發展與公共利益,但上訴人仍爭執包括告知後同意欠缺、公開透明作業程序不足、新舊法適用爭議、法定職務與公共利益範圍不明確、資訊安全(去識別化)不充分等議題。本文聚焦於臺灣最高行政法院106年度判字第54號判決對於公務機關個資操作行為(蒐集、處理、利用)定位、法定職務依據、目的限制原則、去識別化工具之見解,分析整理該號判決對個資保護之可能影響。
National Health Insurance Administration (NHIA) derives National Health Insurance Research Database (NHIRD) from the mandatory National Health Insurance data related to individuals’ medical treatment and physician reimbursement information. NHIRD has been widely used in academic studies, such as biomedical, pharmaco, epidemiological, and public health researches. However, secondary use of individuals’ healthcare data for applications beyond original collection purposes has raised legitimate privacy concerns and a legal suit was brought against the NHIA. Issues raised in the case include potential infringements of privacy autonomy and information privacy, lack of transparency, vague delineation of public task and public interest, and information security. This article reviews the effect of Taiwan’s Supreme Administrative Court Judgement No. 54 (2017) on personal data/information protection from the perspectives of data processing, public task basis, purpose limitation, and deidentification.
061-087