동의 없이 가명화한 개인정보의 사용은 정당한가?: IRB의 승인도 정보 주체의 동의도 없는, 개인정보의 2차적 연구 사용의 문제. (Korean)

The recent development of big data technology has increased our interest in collecting, storing, and using personal information like genetic or health information in the use of health and medical data. The ethical principle to obtaining informed consent has been observed in bioethics for human subject research with the exceptional allowance to waive informed consent through the review of IRB. However, Europe’s GDPR allows to use personal information pseudonymized without informed consent from or notification to data subject for the the secondary use like public record, scientific or historic research, or statistics although respecting the ethical principle to obtain informed consent. Similarly, Personal Information Protection Act in Korea allows to use the personal information with the pseudonymisation for the secondary use without consent. However, these have the following problems. First, GDPR’s requirement for the exempt from notification to data subject cannot be considered to be close to the criteria for waiving an informed consent, which have been adopted in bioethics. Second, unlike GDPR, there is no regulation in Personal Information Protection Act to indicate the criteria for the secondary use of the collected personal information without the notification to data subject. Third, there is no clear regulation to give a controller, who determines the purposes and means of the processing of personal data, the authority to pseudonymize the already-collected personal information without informed consent. Fourth, GDPR has the regulation to give a controller the authority to pseudonymize personal information without consent. However, its theoretical ground is too weak. Public good may be a reason to support such a secondary use. This reason cannot be a sufficient one because the concept of public good is vague. Restriction on right to self-determination of date subject for public good may distrupt trust building necessary to the improvement in using data. In order to overcome the problems mentioned earlier, I argue that the introduction of blanket consent for secondary use into Bioethics and Safety Act in Korea is needed as observed in the revision of 45 CFR 46 in U.S.A. [ABSTRACT FROM AUTHOR]

Copyright of Asia Pacific Journal of Health Law & Ethics is the property of Ewha Institute for Biomedical Law & Ethics, Ewha Womans University and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)