Using medical big data for clinical research and legal considerations for the protection of personal information: the double-edged sword

Abstract

The advent of medical big data has increased the scope of the clinical use of such data; however, these data have raised serious concerns regarding personal privacy protection, which hinders their usage. For instance, as the pseudonymization or anonymization of data increases, the quality of its clinical use decreases. Thus, a balanced approach is required to maximize clinical data use while protecting personal information as much as possible. However, Korea’s existing laws mandate several kinds of consent; soliciting some of these types of consent can be cumbersome. Moreover, while the collection of medical data by hospitals requires considerable time and money, its ownership is difficult to ascertain. To bridge the enormous gap between the protection of personal information and the use of clinical data, the European Union and countries such as Finland have already proposed various modes of guaranteeing the free movement of personal information that simultaneously strengthen people’s personal rights. Similarly, Korea has initiated the MyData Service, although it faces several limitations. Therefore, this study reviews Korea’s current healthcare big data system, the laws governing data sharing and usage, and compares them with similar laws enacted by the European Union and Finland. It then provides future direction for Korea’s personal information protection legislation. Ultimately, governments must expand and elaborate upon the scope and content of personal information protection laws to enable the development of healthcare and other industries without sacrificing either personal information protection or clinical use of medical data.