個人生醫資料,狹義的解釋,是指在醫療的過程中,由病人所提供、或醫師紀錄的各種生理數據。廣義的解釋,則是與健康管理相關的非醫療資訊。 目前我國對於個人生醫資料的保護與應用,散布於不同法令規範。由於個人生醫資料有特殊性,目前我國法規不易周全保護資料當事者的資訊安全。本論文比較歐盟、美國、日本法規與案例,分析生醫個資隱私權、同意權、資料去識別化、二次利用,以及個人資料保護法規之學說與實務發展,希望能對於企業在應用個人生醫資料上,提供法遵程序與資料保護建議。 在個人生醫資料利用之法律遵循上,以法律為基礎,搭配資訊安全的專業能力,建立嚴格的自律機制,符合消費者的需求與信任,方能合理地利用生醫資料,進行創新資料與現代化公共服務。
Personal biodata, in a narrow sense, refers to the various physiological data provided by the patient or recorded by the doctor during the medical process. The broad interpretation is non-medical information reldated to health management. Protection and application of biodata in R.O.C (Taiwan) are scattered in different laws and regulations. Due to the particularity of biodata, it is not easy to comprehensively protect the information security of the parties involved in the data in our country's laws. This article compares EU, US, and Japan regulations and cases, and analyzes the theory and practice of biodata information privacy, consent, de-identification, data secondary use, and personal data protection laws, which provide legal compliance procedures and data protection suggestions. With regard to the legal compliance of the use of biodata, it is based on the law, combined with the professional capabilities of information security, and established a strict self-discipline mechanism to meet the needs and trust of consumers, and provide innovative mdaterials and modern public services.