Go to Home

Search

-Advanced Search   -Search Guidelines

Cardiovasc Prev Pharmacother.  2024 Jan;6(1):8-16. 10.36011/cpp.2024.6.e1.

Using medical big data for clinical research and legal considerations for the protection of personal information: the double-edged sword

Affiliations
  • 1Department of Convergence Public Administration, Hansung University Mirae Plus College, Seoul, Korea
  • 2Department of Medical Informatics, College of Medicine, The Catholic University of Korea, Seoul, Korea
  • 3Division of Endocrinology and Metabolism, Department of Internal Medicine, Seoul St. Mary’s Hospital, College of Medicine, The Catholic University of Korea, Seoul, Korea

Abstract

The advent of medical big data has increased the scope of the clinical use of such data; however, these data have raised serious concerns regarding personal privacy protection, which hinders their usage. For instance, as the pseudonymization or anonymization of data increases, the quality of its clinical use decreases. Thus, a balanced approach is required to maximize clinical data use while protecting personal information as much as possible. However, Korea’s existing laws mandate several kinds of consent; soliciting some of these types of consent can be cumbersome. Moreover, while the collection of medical data by hospitals requires considerable time and money, its ownership is difficult to ascertain. To bridge the enormous gap between the protection of personal information and the use of clinical data, the European Union and countries such as Finland have already proposed various modes of guaranteeing the free movement of personal information that simultaneously strengthen people’s personal rights. Similarly, Korea has initiated the MyData Service, although it faces several limitations. Therefore, this study reviews Korea’s current healthcare big data system, the laws governing data sharing and usage, and compares them with similar laws enacted by the European Union and Finland. It then provides future direction for Korea’s personal information protection legislation. Ultimately, governments must expand and elaborate upon the scope and content of personal information protection laws to enable the development of healthcare and other industries without sacrificing either personal information protection or clinical use of medical data.

Keyword

Big data; Delivery of health care; Privacy

Reference

1. Tanniru MR, Agarwal N, Sokan A, Hariri S. An agile digital platform to support population health: a case study of a digital platform to support patients with delirium using IoT, NLP, and AI. Int J Environ Res Public Health. 2021; 18:5686.
2. Kim HS, Yoon KH. Lessons from use of continuous glucose monitoring systems in digital healthcare. Endocrinol Metab (Seoul). 2020; 35:541–8.
3. Golinelli D, Boetto E, Carullo G, Nuzzolese AG, Landini MP, Fantini MP. Adoption of digital technologies in health care during the COVID-19 pandemic: systematic review of early scientific literature. J Med Internet Res. 2020; 22:e22280.
4. Korea Law Translation Center. Personal Information Protection Act. Act No. 16930 (February 4, 2020) [Internet]. Korea Legislation Research Institute; [updated 2021 Mar 31; cited 2023 May 17]. Available from: https://elaw.klri.re.kr/eng_service/lawView.do?hseq=53044&lang=ENG.
5. Korea Law Translation Center. Act on Promotion of Information and Communications Network Utilization and Information Protection Act. Act No. 17348 (June 9, 2020) [Internet]. Korea Legislation Research Institute; [updated 2021 Jul 29; cited 2023 May 17]. Available from: https://elaw.klri.re.kr/eng_service/lawView.do?hseq=55570&lang=ENG.
6. Korea Law Translation Center. Credit Information Use and Protection Act. Act No. 16957 (February 4, 2020) [Internet]. Korea Legislation Research Institute; [updated 2023 Mar 14; cited 2023 May 17]. Available from: https://elaw.klri.re.kr/eng_service/lawView.do?hseq=63719&lang=ENG.
7. korea.kr. [Three data bills] [Internet]. Korean Ministry of Culture, Sports and Tourism; 2021 [cited 2023 May 17]. Available from: http://www.korea.kr/special/policyCurationView.do?newsId=148867915.
8. Lee D, Park M, Chang S, Ko H. Protecting and utilizing health and medical big data: policy perspectives from Korea. Healthc Inform Res. 2019; 25:239–47.
9. Korean Ministry of Health and Welfare. [Press release: the launch of the My HealthWay (a digital highway)] [Internet]. Korean Ministry of Health and Welfare; 2021 [cited 2023 May 17]. Available from: https://www.mohw.go.kr/react/al/sal0301vw.jsp?PAR_MENU_ID=04&MENU_ID=0403&CONT_SEQ=363763.
10. EUR-Lex. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (text with EEA relevance) [Internet]. EUR-Lex; 2016 [cited 2023 May 17]. Available from: http://data.europa.eu/eli/reg/2016/679/oj.
11. Finnish Ministry of Social Affairs and Health. Act on the Secondary Use of Health and Social Data [Internet]. Finnish Ministry of Social Affairs and Health; 2019 [cited 2023 May 17]. Available from: https://stm.fi/documents/1271139/1365571/The+Act+on+the+Secondary+Use+of+Health+and+Social+Data/a2bca08c-d067-3e54-45d1-18096de0ed76/The+Act+on+the+Secondary+Use+of+Health+and+Social+Data.pdf?t=1559641328000.
12. Korea Law Translation Center. Enforcement Decree of the Personal Information Protection Act. Presidential Decree No. 28355 [Internet]. Korea Legislation Research Institute; [updated 2018 May 3; cited 2023 May 17]. Available from: https://elaw.klri.re.kr/eng_service/lawView.do?hseq=45683&lang=ENG.
13. Kim YM. A study on the activation of health care big data: focusing on the Finnish case. Bio-Med Law. 2019; 22:5–38.
14. Constitutional Court of Korea. Decision of August 30, 2018 (2014Hun-Ma368) [Internet]. Constitutional Court of Korea; 2018 [cited 2023 May 17]. Available from: https://isearch.ccourt.go.kr/search.do#view.do?link=40911_010300%20%E2%80%93%20%ED%95%9C%EA%B8%80%ED%8C%90%EB%A1%80:%202014%ED%97%8C%EB%A7%88368.
15. Korea Law Translation Center. Enforcement Decree of the Act on the Performance of Duties by Police Officers. Presidential Decree No. 29900 (June 25, 2019), Article 8 [Internet]. Korea Legislation Research Institute; [updated 2020 Sep 18; cited 2023 May 17]. Available from: https://elaw.klri.re.kr/eng_service/lawView.do?hseq=51387&lang=ENG.
16. National Health Insurance Sharing Service (NHISS). Data provision guide [Internet]. NHISS of Korea; c2019 [cited 2023 May 17]. Available from: https://nhiss.nhis.or.kr/bd/ab/bdaba001cv.do;jsessionid=s21oa35g1U7B1U5ah1L3ifTEUFH0ke4zLLiezGMJqja00jmpbG3jv7SmEFN9Xmp1.primrose22_servlet_engine10.
17. Kyoung DS, Kim HS. Understanding and utilizing claim data from the Korean National Health Insurance Service (NHIS) and Health Insurance Review & Assessment (HIRA) Database for research. J Lipid Atheroscler. 2022; 11:103–10.
18. Mandl KD, Perakslis ED. HIPAA and the leak of “deidentified” EHR data. N Engl J Med. 2021; 384:2171–3.
19. Shin SY, Kim HS. Data pseudonymization in a range that does not affect data quality: correlation with the degree of participation of clinicians. J Korean Med Sci. 2021; 36:e299.
20. Zhao X, Shi C, Li Y. Can European Union (EU) enlargement boost regional economic common growth? Multi-period difference-in-difference (DID) method. J Environ Public Health. 2022; 2022:4502628.
21. Chico V. The impact of the General Data Protection Regulation on health research. Br Med Bull. 2018; 128:109–18.
22. Vlahou A, Hallinan D, Apweiler R, Argiles A, Beige J, Benigni A, et al. Data sharing under the general data protection regulation: time to harmonize law and research ethics? Hypertension. 2021; 77:1029–35.
23. Korea.kr; Korean Ministry of Science and ICT. [9 Trillion for digital new deal this year: speeding up ‘digital transformation’] [Internet]. Korean Ministry of Culture, Sports and Tourism; 2022 [cited 2023 May 17]. Available from: https://www.korea.kr/special/policyFocusView.do?newsId=148898510&pkgId=49500747.
24. Mondschein CF, Monda C. The EU’s General Data Protection Regulation (GDPR) in a research context. In : Kubben P, Dumontier M, Dekker A, editors. Fundamentals of clinical data science. Springer;2019. p. 55–71.
25. Panetta R, Cristofaro L. A closer look at the EU-funded My Health My Data project. Digit Health Leg. 2017; (11):10–1.
26. Shabani M, Borry P. Rules for processing genetic data for research purposes in view of the new EU General Data Protection Regulation. Eur J Hum Genet. 2018; 26:149–56.
27. Vikstrom A, Moen H, Moosavi SR, Salakoski T, Salantera S. Secondary use of electronic health records: availability aspects in two Nordic countries. Health Inf Manag. 2019; 48:144–51.
28. Kim EC, Kim EY, Lee HC, Yoo BJ. The details and outlook of three data acts amendment in South Korea: with a focus on the changes of domestic financial and data industry. Inf Policy. 2021; 28:49–72.
29. Choi J. [Control of administrative actions by the principle of proportionality in Germany and Korea]. Public Law. 2009; 37:45–87.
30. Wienbracke M. [Legal methodology]. 2nd ed. CF Müller;2020.
31. Molnar-Gabor F, Sellner J, Pagil S, Slokenberga S, Tzortzatou-Nanopoulou O, Nystrom K. Harmonization after the GDPR? Divergences in the rules for genetic and health data sharing in four member states and ways to overcome them by EU measures: insights from Germany, Greece, Latvia and Sweden. Semin Cancer Biol. 2022; 84:271–83.
32. Kim YM. A study on the legality of contracts under public law: focusing on the implications of our administrative law. Public Law J. 2020; 21:471–512.
33. Fukuyama F. What is governance? Governance. 2013; 26:347–68.
Full Text Links
  • CPP
Actions
Cited
CITED
export Copy
Close
Share
  • Twitter
  • Facebook
Similar articles

Cited

Download

Close

Save citations to file

Download

Close

Email citations

Send Email
recaptcha 영역

Close

Copyright © 2024 by Korean Association of Medical Journal Editors. All rights reserved.     E-mail: koreamed@kamje.or.kr