文章詳目資料

輔仁法學

  • 加入收藏
  • 下載文章
篇名 健保資料二次使用之個人資料保護立法芻議-111年憲判字第13號【健保資料庫案】判決之回應
卷期 66
並列篇名 A Proposal to Enact New Personal Data Protection Law in Governing Secondary Use of National Health Insurance Data: Suggested Legislation to Comply with Notions of the Taiwan Constitutional Court Judgment No. 111-Hsien-Pan-13
作者 張陳弘
頁次 307-378
關鍵字 全民健康保險資料庫111年憲判字第13號判決個人資料保護法資訊隱私健康資料資料治理National Health Insurance Research DatabasesPersonal Data Protection ActTaiwan Constitutional Court Judgment 111-Hsien-Pan-13Information PrivacyHealth DataData Governance
出刊日期 202312

中文摘要

由於111年憲判字第13號僅分別就全民健康保險法第79條、第80條及個人資料保護法第6條第4項第1款進行違憲審查,而分別得出健保署之健保資料庫建置與管理,欠缺法律明確規定,違反憲法第23條法律保留原則之要求,以及個資法作為個資保護的框架性規範,並非專為健保資料庫建置而設,而得出個資法第6條第4項第1款與法律明確性原則、比例原則尚屬無違。因此,111憲判13除了指出相關法制欠缺當事人得請求停止利用其健保個資之相關規定,係屬違憲外,幾乎未對健保資料庫建置與運用之個資保護法制應如何設計,具有指引之效。本文認為健康資料之二次使用已為全球智慧醫療產業發展之趨勢,且只要優化個資保護法制之設計,健康資料庫之建置甚至能帶給資訊隱私權更好的保護效果。本文乃基於111憲判13、人體生物資料庫管理條例,以及相關比較法觀察,提供未來健保資料二次使用之個資保護立法建議。

英文摘要

In Taiwan Constitutional Court Judgment 111-Hsien-Pan-13, the legal issue under judicial view was-whether Articles 79 and 80 of the National Health Insurance Act and Article 6, Paragraph 1, Item 4 of the Personal Data Protection Act were in breach of the Constitutional Law. The Constitutional Court decided in said judgment that-(1) the National Health Insurance Administration's establishment and management of the health database was conducted without an express authorization by laws and therefore was in breach of the principle of legal reservation as stipulated in Article 23 of the Constitution; and (2) the Personal Data Protection Act was enacted to serve as a baseline protection for information privacy and was not only for the health database; Article 6, Paragraph 1, Item 4 is therefore not in breach of the principle of legal certainty and principle of proportionality. While said judgment has ruled that the relevant regulations are in breach of the Constitutional Law for lacking appropriate regime in providing individuals to stop others from using their own personal data, there is little guidance provided in said judgment as to what is the appropriate regulatory mechanism for purpose of protecting health data if such data will be processed in a health database organization. This article proposes that while the collection and usage of health data has become an important part of developing smart health industry and it is a global trend to build up heath database, it is more practical to look for approaches to improve the infrastructure of personal data protection; with an improved and better structured health database for matters of information privacy protection, the database might be able to offer an enhanced level for protection personal data. This article proposes that, in designing an appropriate protection regime in the future, the Human Biobank Management Act can be referred to as a model with appropriate amendments made with reference to the comparative law study.

相關文獻