Introduction: Medical big data refers to the source of new value from the analysis, management, and capture of large-capacity data from big data software to achieve new insights into big data analysis. Medical big data presents two contradictory features, and personal information is more vague and clearer. Because medical big data contains almost all personal information of citizens, including medical care, food, shelter, travel registration, etc., it is necessary for us to protect the privacy of individual rights, and to rationally use big data other than personal rights information. Personal privacy security risks, using medical law to regulate medical big data.
The concept and characteristics of medical big data
Medical big data is one of big data. Compared with general data, big data refers to large-capacity data that is difficult to capture, manage, and analyze using conventional software. American scholar Victor Meyer Schonberg interprets big data as a source of new insights, new value, and a way to change markets, organizations, and government-citizen relationships. Through big data analysis, medical scientists can more easily predict the efficacy of a new diagnosis and treatment method; traders can timely interpret seemingly disorganized transaction data and make trading decisions; the government can simultaneously analyze dam data in various river basins and guide flood control Disaster relief, and so on. Therefore, by analyzing big data, new knowledge can be gained, new decisions can be realized, and new values ​​can be created.
Medical big data is extremely important in big data. On the one hand, in modern society, human health is playing an increasingly important role in the people's livelihood in all countries of the world; on the other hand, mobile/internet medical, automated analytical detectors, The popularity of wearable devices, etc., has made patients, doctors, businesses, and government parties a direct creator of data, generating massive amounts of medical data every day.
Compared with general medical data, medical big data presents two basic characteristics that are related to each other. First, the characteristics of personal information are more vague. "Identity" is the most essential feature of personal information, such as a single medical record, as long as the original medical record is obtained, the "identifiability" characteristics of the individual such as name, residence, age, marriage, disease, etc. are at a glance, but for one Packaged medical big data, such as large data collected by a large number of people through wearable devices, such as non-professional analysis software, it is difficult to find identifiable personal information from the original data by ordinary means; second, personal information is more Easy to analyze. This seems to contradict the first feature, but in fact, even if all medical records hide private information such as name, age, residence, etc., under the conditions of big data, through more extensive and deep search, combined with other features, there is It is possible to restore a personal information that has been hidden from the medical record.
These two basic and legal characteristics of medical big data affect the legal regulation of medical big data.
Classification of medical big data
Compared with other types of big data, medical big data contains almost all personal information of citizens, from the most intimate body and disease information, to the personal life track, to residence, medical insurance, property information and so on. Different personal information corresponds to different legal protection rules, so it is necessary to legally classify medical big data.
The premise of classification is to determine the classification criteria. In view of the purpose of this paper to explore the legal regulation of medical big data, the purpose of legal regulation is to balance individual rights with the rights of others, the so-called "group rights." As far as medical big data is concerned, the so-called individual rights are mainly privacy protection. The so-called rights of others are mainly the rational use of big data by the owners of medical big data. Therefore, according to the distance of privacy and the risk of reasonable use, combined with the existing legal norms, the medical big data, I try to classify as follows:
(1) Medical records of medical records
According to the first article of the National Health and Family Planning Committee's Basic Rules for the Recording of Medical Records, medical records refer to the sum of texts, symbols, charts, images, slices, etc. formed by medical personnel in the course of medical activities, including the medical records of the door (emergency). And hospitalized medical records. The medical record directly records the most private information of citizens' bodies and diseases, and is the most important legal evidence for citizens to exercise their personal protection rights. The state has also formulated the most complete legal norms for the writing, management and use of medical records. The medical records have Unlike the distinctive features of non-medical data, it should be considered as a separate category.
Of course not all medical records constitute medical big data. Under normal circumstances, the emergency medical records are kept by the patients themselves, and the hospitalized medical records are kept separately by the hospital and will not form medical big data. However, when these medical records are entered, managed, and analyzed via computer big data technology, they may constitute medical big data. The medical records formed by the hospital using the electronic medical record system constitute medical big data.
In addition, under mobile and Internet medical conditions, doctors can conduct consultations, consultations, referrals, etc. on the mobile and computer terminals, or test and check data obtained through the wearable device under the doctor's advice. Because it conforms to the basic definition of medical records, “the sum of words, symbols, charts, images, slices, etc. formed by medical personnel in the course of medical activitiesâ€, it should also be defined as medical records, and the resulting big data constitutes medical records. data.
However, the wearable device data purchased by the patient itself, self-collected, large-scale automation equipment such as CT instrument, MRI instrument, B-ultrasound, hemodialysis device, various interventional treatment devices, even surgical robots, etc., through these devices The computer program automatically runs to obtain data, such as various body parameters obtained during CT scan, immediate body temperature, blood pressure, blood filtrate composition, density, etc. obtained during hemodialysis. Although these data are also important, they are not After being subjectively analyzed and collected by the doctor, it is recorded in the medical record and has nothing to do with the medical behavior of the doctor. Therefore, it cannot be a medical record or constitute a medical record big data. This kind of data, I attribute it to the following non-medical medical big data. Of course, non-medical medical data is not limited to this.
The production and management of medical big data that can be defined as medical records shall comply with the state's legal provisions on medical records, including the Basic Rules for Medical Record Writing, the Medical Record Management Regulations for Medical Institutions, the Practitioners Law, and the Tort Liability Act. ", Medical Accident Treatment Regulations, etc. The most basic norms include the absolute protection of the patient's privacy in the medical record. The doctor's time should be accurate to the minute. All medical record writers should have real names. The medical records should be preserved with original marks and signed by doctors. The medical records should be copied by patients at any time. It should be guaranteed that it can be sealed, and the entry of relevant medical record data should be completed within the time limit prescribed by law.
(2) Non-medical medical data
Other medical big data outside the medical record can be called non-medical medical big data. The key difference between non-medical medical data and medical record big data is whether it is formed by doctors in the diagnosis and treatment of specific patients.
Sources of non-medical medical data can include:
1. Non-medical medical data generated during the diagnosis and treatment of diseases, as described above, related parameters formed during CT, MRI, hemodialysis, renal dialysis, DSA, etc., although these parameters are related to human health. Related, but not recorded in the medical records for doctors, only stored in computer programs, can not be classified into medical records of medical records, but should be classified as non-medical medical data. In addition, the payment data formed during the patient's diagnosis and treatment process includes medical insurance and non-medical insurance, including the hospital's fee breakdown, disease spectrum, etc., will not be included in the medical record, and should be classified as non-medical medical data. Under big data conditions, these data may be analyzed by the system to generate new value.
2. Transaction data formed by patients during the online drug purchase process. In the case of mobile and Internet purchases, the name, price, quantity, and patient information of the drug transaction become self-contained. These transaction data formed in the intelligent terminal will not enter the medical record and belong to the non-medical medical big data.
3. Non-medical medical data generated by drugs, medical devices in research and development, clinical trials, and clinical applications.
4. Medical big data formed in public health affairs.
......
The right content and rights subject of medical big data
(1) The right content of medical big data
Medical big data can acquire new knowledge, make new decisions, and create new value. Therefore, medical big data obviously has property attributes and can become the object of rights. The rights generated by medical big data belong to the right to information, and belong to the category of property rights in the classification of civil law rights. Since it belongs to property rights, it has four powers of property rights: possession, use, income, and disposition. Specifically, the owner of medical big data enjoys exclusive possession of big data information; enjoys the right to use for self-use or license others; enjoys the right to income arising from the use or licensing of others; enjoys the transfer of data to The right to dispose of others or to abandon.
(2) The subject of medical big data rights
The main body of medical big data, that is, who owns medical big data, who has the four powers. Determining the right subject of medical big data is the core of medical big data legal regulation. When the right subject is determined, the subject of the obligation is created, and then all legal norms come into being. It is the soul of all legal systems to settle down first and then to fight.
The difficulty in determining the subject of medical big data rights is as follows: First, the makers of medical big data may have several levels. For example, a medical institution is the producer of all medical records of the unit, but if a software company integrates the medical records of N hospitals. Into a big data, the software company is the new big data producer. In this case, who is the ultimate owner of big data? Second, the makers of medical big data and the main body of big data are often not one. People, or medical records, for example, the medical institution is the creator of all the medical records of the unit, but the information subject of these medical records is often the individual patient, and even more is the patient's personal privacy information. In this case, who is Is the right subject of medical big data?
As stated in the medical big data classification mentioned above, medical record big data is the most special category of medical big data. It is the most concentrated category of citizens' personal privacy. It has a unique legal status and clarifies the rights of medical records. , other types of medical big data can be solved.
1. Legal Commons--Medical Medical Data Big Data
China's current laws such as the "Practitioner's Law", "Torture Liability Law", "medical institution medical record management regulations", "medical record basic norms" and so on have not clearly defined the subject of the medical record. However, these laws impose many restrictive rules on the medical record makers. For example, medical institutions should copy or seal medical records according to the needs of patients. All medical records should be left with traces that can be identified without the patient's consent. Or medical records may not be provided to others without a judicial medical institution, and the medical records shall not be kept for less than 20 years. If a medical institution becomes the owner of a medical record as a producer of medical record big data, its four powers as possession--occupation, use, income, and disposal are all restricted by patients of another right holder. With the cooperation or consent, many rights are difficult to exercise alone, and vice versa. Therefore, I believe that the medical record as a subject of rights should be shared by the medical institution and the patient in law. When it becomes big data, the medical institution and the patient are also the common people. The so-called common ownership refers to the common ownership of the shared parties that do not distinguish between shares. A medical institution that maintains medical records or medical records is only the holder of the physical media of the medical record, not the legally intact owner.
When the producers of medical record big data are non-medical institutions but other organizations such as mobile/internet medical operators, their medical records formed through online medical consultations, consultations, prescriptions, etc., also comply with the above-mentioned legal principles. That is, the mobile/internet operator and the specific patient constitute the co-owner of the medical record big data.
Since the medical record big data is shared by the medical record holder and the patient, the holder of the medical record big data should respect the rights of the other right owner-patient when exercising the four functions of the property right. such as:
When the holder of the medical record big data exercises the possession of the medical record, it shall copy or seal it at any time at the request of the specific patient;
When the holder of the medical record big data exercises the right to use the medical record, such as using medical records to diagnose diseases, for litigation, scientific research, teaching, etc., the authenticity of the medical record shall be guaranteed, and the modification shall comply with the law, and its modification shall be left behind. trace;
When the holder of the medical record big data exercises the income power of the medical record, if the user is permitted to use the income for commercial purposes, the consent of the specific patient should be obtained in advance, and the patient should be appropriately compensated.
When the holder of the medical record big data exercises the disciplinary power of the medical record, if the medical record is transferred to another person, the specific patient's consent should be obtained in advance. When transferring for economic purposes, the patient should be properly compensated; when discarding the medical record, the patient should abide by The minimum time limit for the state to keep medical records, such as 20 years.
2, all alone - the first-level producer of non-medical medical big data
As mentioned above, due to the special provisions of the current law on medical records, the holders and patients of medical records are the legal co-owners of medical records. As for the non-medical medical big data, including the four types listed above, I think that from the perspective of everyone, it is difficult for a particular patient to become a co-owner, and the direct producer of big data, the first-level producer, should be the sole owner. Four powers to be entitled to ownership separately: possession, use, income and disposal.
For example, non-medical medical data generated during the diagnosis and treatment of diseases, such as CT, MRI, hemodialysis, renal dialysis, DSA, etc., are not included in the medical record management system. The makers of these parameters are not even hospitals, but CT or MRI, hemodialysis, nephron, DSA supply or manufacturer, and the relevant parameters are directly stored in the computer programs provided by these suppliers or manufacturers, a CT Suppliers or manufacturers such as MRI may capture the relevant parameters of N hospitals at the same time to form medical big data. If no other operating entities participate, they must become the owner of the corresponding medical big data alone, and enjoy the owner's entire power.
Other types of non-medical medical data are also available.
3, the common ownership of the intended - N-level producer of non-medical medical big data
For non-medical medical big data, when the subject of making big data involves multiple subjects, there may be multiple rights holders' problems. In this case, the respective rights shares can be determined through the agreement, which is the intended common ownership. For example, big data obtained through drug clinical trials, at this time, drug manufacturers, drug testing organizations, hospitals where drug testing is conducted, etc. may all participate in the production of medical big data, and each other can determine their respective rights shares through agreement.
Another example is the medical insurance or commercial insurance data formed during the hospitalization process. At this time, the hospital and the social security company and the commercial insurance company may also participate in the production of medical big data. The participating parties may also determine their respective shares through agreement. and many more.
There is also a situation where the medical records of medical records are jointly owned. As discussed above, medical record big data is shared by the makers of medical records such as hospitals and patients. However, if the common medical record big data is a collection of electronic medical records of a plurality of hospitals formed by the same electronic medical record system, and the company providing the electronic medical record system is an independent company, the owner of the electronic medical record data of the collection is It involves hospitals, patients and electronic medical records companies. I think that in this case, we should first determine the common relationship between the hospitals and the patients, and then share the commonality as a whole, and negotiate with the electronic medical record company to determine the common ownership.
Under the joint ownership of the intention, for medical big data, the rights of possession, use, income and disposal shall be exercised separately according to the agreement of the parties and according to the provisions of the contract. For example, the drug big data formed by clinical trials, regarding possession, can determine that the drug manufacturer, clinical trial organization, and hospital each hold one copy; for use, it can be agreed that neither party to interfere with the exercise of the other party; and so on.
Protection of personal information (privacy) about medical big data
The personal information (privacy) rights contained in medical big data are different from the other rights of medical big data ownership. The personal rights of the citizens involved in medical big data are mainly patients, and need to be discussed separately.
In fact, when medical big data is divided into medical record big data and non-medical big data, the personal information of citizens has been put into a particularly important position, and it is important to legally use medical record big data as medical record holders and patients. The common commonality, the protection of privacy is no more strict than the protection of medical record big data as the personal property of citizens. The relevant protection methods have been discussed in the previous regulations on the management and use of medical records, and are not described here. The following is mainly about how to protect the citizen's personal information of non-medical medical data.
First, it needs to be clear that non-medical medical big data, although not like medical record big data, contains citizens' most private information such as disease health, but still contains a large amount of personal information of citizens, such as property information in medical insurance data, in clinical trials. Health, genetic information, personal life trajectories in wearable devices, personal residential addresses when shopping online, and other information that are identifiable to individuals and should be included in the privacy protection.
Second, the protection method should consider the two characteristics of medical big data, namely the ambiguity of personal information and the ease of analysis of personal information. For the former, due to big data, it is difficult for the public to obtain personal information from massive amounts of big data without special analysis means. Therefore, considering the rational use of big data and economic and social value, all non-medical medical big data should be allowed. By legally permitting others to use the full use of big data or the complete transfer of big data to others, the so-called complete use or complete transfer means that the owner of big data can license without personally hiding the personal information of the citizen. Or transfer; for the latter, even under the big data, even if the personal information of the citizen is hidden, the personal information of the citizen can be restored under the deeper and wider search, thus causing privacy violation, so unless it is through a confidential contract For permission or transfer, big data should be strictly forbidden to be disclosed to the public. Those who have not taken strict measures and cause big data leakage should take severe punishment measures afterwards, including criminal responsibility.
Smart Socket,Outside Socket,Smart Plug Socket,Outside Plug Socket
Shenzhen Chaoran Technology Corp. , https://www.chaoran-remote.com