| 英文摘要 |
In the four court judgements where this dispute was decided, two main issues associated with Item 4, Paragraph 1 of Article 6 and Item 5 of Article 16 of the Personal Information (Data) Protection Act remain unresolved. One is the required degree of de-identification of personal health data and the other issue relates to an individual’s right of eraser of his/her own personal data from the Taiwan’s National Health Insurance Research Database. This article argues that the principle rule is that the National Health Insurance Administration (NHI) shall obtain the individual’s consent before it can collect, process and use personal data in order to protect one’s right of controlling his/her data. However, if the control interest has to be put aside in certain circumstances, the NHI has to demonstrate the existence of other legal interests which outweigh such personal control interest to justify its collection/processing/use of personal health data without consent. In this respect, the court’s reliance on NHI’s sole defense that personal privacy shall have been well protected since the data are de-identified without requesting NHI to demonstrate the greater legal interests that deserve protection has failed to consider the nature of a person’s control interest. Additionally, the court also failed to consider the difference between the interest of control and the interest of secrecy and intimacy when it dismissed plaintiffs’ claim that their personal data shall be removed from the NHI database and held that since the personal information has been de-identified, there should be no concern of privacy invasion. As a matter of clarification, the right of erasure is to protect a person’s control interest while the de-identification is to ensure the protection of a person’s secrecy and or/ intimacy. Whether or not the personal information has been de-identified shall not be confused with a person’s right of erasure and these two issues need to be reviewed separately. |
本站僅提供期刊文獻檢索。
