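Summary
In the digital age, the wide application of digital technologies such as big data, algorithms, and cloud computing in the medical field has increased the risk that personal information will be infringed. In diagnostic and treatment practice, medical institutions have over-collected, unlawfully used, and illegally sold patients' personal information, resulting in harm to that information. Further analysis identifies the factors behind the difficulties medical institutions face in protecting personal information: the conflict of values between patients' personal information rights and the public interest, the conflict between medical institutions' public-welfare nature and market profit-seeking, and medical institutions' insufficient capacity to protect patients' personal information. To protect the security of patients' personal information and to balance the public interest against personal information rights, medical institutions should, in their compliance approach, fully implement the principles of informed consent, proportionality, and information minimization, and introduce new rights elements of the digital age such as the right to be forgotten and the right to deletion of personal information. By carrying out personal information compliance and risk assessments, medical institutions can ensure compliance and the full and effective protection of personal information rights.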
Abstract
In the digital age, the extensive application of digital technologies such as big data, algorithms, and cloud computing in the medical field has increased the risk of personal information breaches. Medical institutions have exhibited practices like excessive collection, illegal use, and illicit sale of patient information. This paper examines factors leading to the challenges in personal information protection, including conflicts between patients' information rights and public interest values, conflicts between the public welfare attributes and profit-oriented elements of medical institutions, and the inadequate capabilities of medical institutions in protecting patient information. To safeguard patient information and balance public interest with individual information rights, medical institutions should implement compliance measures that fully integrate informed consent, proportionality, and data minimization principles. Additionally, incorporating new rights such as the right to be forgotten and the right to data deletion is essential. Through compliance and risk assessments, it is crucial to ensure that medical institutions achieve full compliance and effective protection of personal information in the digital era.
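Funding
Key Project supported by the National Social Science Fund of China (23AFX010)
Young Scholars Research Project of the Civil Law Research Society of the China Law Society (2022MFXH014)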