醫事機構之個人資料保護法遵指引——從健保資料庫案談起【本期企劃】 試閱
A Guideline of the Compliance of Personal Data Protection Act for Medical Institutions - A Discussion from National Health Insurance Database Case
憲法法庭在公布111年度憲判字第13號案中,認為建置健保資料庫欠缺對於個人資料保護之規範,對於個人資料「保護不足」違憲。此意味著憲法法庭已經要求國家提高對於人民個人資料保護的強度,可預期將帶動政府和民間對於我國個人資料法制在制度面和執行面之檢討,而醫事機構更是首當其衝。醫事機構在健保資料庫案判決作成後,就了解健保資料庫案判決的內容並重新檢視醫事機構在運用醫療個人資料時的法律要求,即時地避開法律風險有其必要性。本文的目的,即是欲從健保資料庫案出發,逐步地從憲法、法律、法規命令的盤點,醫事機構在使用個人資料時的法遵要求,以供醫事機構在經營業務時,得以避開法律風險。
In Taiwan Constitutional Court Judgment 111-Hsien-Pan-13 (2022), the Constitutional Court held that regulations and laws which established Taiwan’s National Health Insurance Database were unconstitutional because they did not provide enough legal protections for citizens’ personal data. Taiwan Constitutional Court exhibited its attitude to strengthen the protection of citizens’ right to privacy. It can be expected that the government and the public will conduct a comprehensive review of Taiwan’s personal data protection mechanism and effects and directly impacts medical institutions which use an amount of personal sensitive data. This article is thus aimed at analyzing how medical institutions comply with the Constitution, laws, and regulations which protect personal data when they practice their businesses.
055-070