Personal biodata, in a narrow sense, refers to the various physiological data provided by the patient or recorded by the doctor during the medical process. The broad interpretation is non-medical information reldated to health management. Protection and application of biodata in R.O.C (Taiwan) are scattered in different laws and regulations. Due to the particularity of biodata, it is not easy to comprehensively protect the information security of the parties involved in the data in our country's laws. This article compares EU, US, and Japan regulations and cases, and analyzes the theory and practice of biodata information privacy, consent, de-identification, data secondary use, and personal data protection laws, which provide legal compliance procedures and data protection suggestions. With regard to the legal compliance of the use of biodata, it is based on the law, combined with the professional capabilities of information security, and established a strict self-discipline mechanism to meet the needs and trust of consumers, and provide innovative mdaterials and modern public services.