智慧醫療與個人資料保護──由行政裁罰至刑法規制的思考理路【本期企劃】 試閱
Smart Healthcare and Data Protection: A Discussion between Administrative Sanction and Penalty
智慧醫療的開展以大數據分析為前提,應如何在合法的情況下蒐集、利用患者的個人資料,成為產業發展的先決條件。2018年8月歐盟一般資料保護規範生效後,歐盟境內的居民都得以援引一般資料保護規範的規定行使其個人權利,影響範圍遍及全球;在歐盟一般資料保護規範的架構下,英國的資料保護法更將侵害個人資料的不法行為給予刑事處罰,使得個人資料自主權轉而具有法益的特質。前述改變挑戰了刑罰的謙抑色彩,但在大數據當道的年代,刑罰謙抑的尺度應否退讓、又應如何調整,似乎有再商榷的餘地。
Big data analyses serve as the foundation for establishing smart healthcare. However, legal collection and use of patients’ personal information have become the prerequisites for the ongoing development of smart healthcare and other related industries. EU’s General Data Protection Regulation (GDPR) took effect in August 2018. Since then, the residents within the EU territory have been able to exercise their rights by referring to the GDPR, which undoubtedly imposes effects on the whole world. Under the structure of the GDPR, the UK has stipulated that the illegal behavior violating against the law for protecting personal information will receive criminal punishment. This regulation characterizes individuals’ autonomy over their personal information with legal interests. Hence, the aforesaid shift brings challenges to criminal punishment that features the principle of restraint. Being in the era dominated by big data, it seems that more discussions and debates should be made over the concession and adaptation in terms of the principle of restraint that applies to criminal punishment.
047-057