| 英文摘要 |
The criminal protection of health and medical data is an important component of achieving the Healthy China strategy. However, in the protection of health and medical data, the current criminal law adopts a control based protection model that ensures the effective control of data subjects over data, which lacks appropriateness. The control based protection of health and medical data by criminal law is not only difficult to prevent secondary leakage of health and medical data, but also creates loopholes in the protection of health and medical data, which is not conducive to the development and application of health and medical data. The reason why the control based protection of health and medical data in criminal law has encountered the above-mentioned problems is that it ignores the differentiation of types of health and medical data and does not pay attention to the differences in security attributes of different types of health and medical data. After comparing and analyzing the sharing attributes of health and medical data, it can be found that health and medical data can be divided into two types: unshared health and medical data and open sharing health and medical data. Unshared health and medical data refers to health and medical data that is not suitable for sharing with other units, organizations, or individuals; this includes health and medical data related to personal privacy, trade secrets, and state secrets among the six types of data listed in China's Information Security Technology Health and Medical Data Security Guidelines. Open sharing health and medical data refers to health and medical data that is unconditionally or conditionally open sharing with other units, organizations, and individuals; this includes six types of data listed in China's Information Security Technology Health and Medical Data Security Guidelines, which do not involve personal privacy, trade secrets, or state secrets, as well as data obtained from desensitization and declassification of health and medical data involving personal privacy, trade secrets, and state secrets. Moreover, the focus, intensity, and mode of criminal law protection required for unshared and open sharing health and medical data are not the same. Although confidentiality, integrity, and availability are usually considered as the three security attributes of health and medical data security, the confidentiality, integrity, and availability of health and medical data do not need to be protected as a whole. They are relatively separate relationships under the premise of overall unity. In fact, in terms of security protection requirements, unshared health and medical data focuses more on the protection of data confidentiality by criminal law, while open sharing health and medical data focuses more on the protection of data integrity and availability by criminal law. Criminal law should categorize the protection of health and medical data based on the differences in security protection needs. On the one hand, the criminal law should strengthen the control based protection of unshared health and medical data, which requires incorporating the illegal use of unshared health and medical data that involves personal privacy into the scope of criminal law regulation. On the other hand, the protection of open sharing health and medical data in criminal law should shift from control based protection to utilization based protection that focuses on protecting the legitimate use of data by data subjects. The utilization oriented shift of the criminal law protection for open sharing health and medical data requires not only incorporating the act of destroying open sharing health and medical data into the scope of criminal law regulation, but also using the rationality principle as a reason to hinder the illegality to the processing of open sharing health and medical data. |
本站僅提供期刊文獻檢索。
