1Department of Convergence Public Administration, Hansung University Mirae Plus College, Seoul, Korea
2Department of Medical Informatics, College of Medicine, The Catholic University of Korea, Seoul, Korea
3Division of Endocrinology and Metabolism, Department of Internal Medicine, Seoul St. Mary’s Hospital, College of Medicine, The Catholic University of Korea, Seoul, Korea
© 2024 Korean Society of Cardiovascular Disease Prevention; Korean Society of Cardiovascular Pharmacotherapy.
This is an open-access article distributed under the terms of the Creative Commons Attribution Non-Commercial License (http://creativecommons.org/licenses/by-nc/4.0/) which permits unrestricted non-commercial use, distribution, and reproduction in any medium, provided the original work is properly cited.
Author contributions
Conceptualization: RK, HSK; Data curation: all authors; Formal analysis: all authors; Funding acquisition: HSK; Investigation: HSK; Methodology: HSK; Project administration: HSK; Resources: HSK; Software: HSK; Supervision: HSK; Validation: HSK; Visualization: RK; Writing—original draft: RK; Writing—review & editing: all authors. All authors read and approved the final manuscript.
Conflicts of interest
The authors have no conflicts of interest to declare.
Funding
This study was supported by the Medical AI Education and Overseas Expansion Support Research Program through the National IT Industry Promotion Agency (NIPA) funded by the Korean Ministry of Science, ICT and Future Planning.
Case | Summary |
---|---|
Situation | At the request of the police chief, Korea’s National Health Insurance Service provided details of the medical benefits of wanted criminals. |
Issue | Was this provision of health information an unfair infringement on the interests of the data subject or of a third party? |
Key point | In principle, the subject of information must consent to the processing of sensitive information (double consent for processing personal and sensitive information), according to Article 23(1) of the Personal Information Protection Act [4]. |
While investigating a crime, sensitive information may be provided if it is unavoidable except in cases where there is a possibility of unreasonably infringing on the interests of a data subject or third party according to Article 18(2), seventh paragraph of the Personal Information Protection Act [4] and Article 8, second paragraph of the Enforcement Decree of the Act on the Performance of Duties by Police Officers [15]. | |
Judicial precedent | It has been adjudged that the legitimacy of the purpose of providing information and the suitability of the means must be recognized. |
However, the relatively long-term care benefit details of the past 2 to 3 years do not constitute information that can allow immediately identifying, at least, a suspect’s location. | |
There are various ways to track the location of criminals. Therefore, it has been adjudged that the act of providing information is not a way to minimize the invasion of privacy. | |
In particular, the payment date and the nursing home’s name are important pieces of information for predicting the offender’s type and the severity of the disease. | |
Since the above constitutes comprehensive information about the health status of wanted criminals, it is regarded as sensitive information that is closely related to the intimate aspects of an individual's personality and personal information. | |
The Constitutional Court held that sensitive information requires greater protection than does other general personal information because it is related to the core of an individual’s personality and privacy. | |
Therefore, it was decided that, in this case, the act of providing information violated the principle of excessive prohibition and right to self-determination of personal information. |
Case | Summary |
---|---|
Situation | At the request of the police chief, Korea’s National Health Insurance Service provided details of the medical benefits of wanted criminals. |
Issue | Was this provision of health information an unfair infringement on the interests of the data subject or of a third party? |
Key point | In principle, the subject of information must consent to the processing of sensitive information (double consent for processing personal and sensitive information), according to Article 23(1) of the Personal Information Protection Act [4]. |
While investigating a crime, sensitive information may be provided if it is unavoidable except in cases where there is a possibility of unreasonably infringing on the interests of a data subject or third party according to Article 18(2), seventh paragraph of the Personal Information Protection Act [4] and Article 8, second paragraph of the Enforcement Decree of the Act on the Performance of Duties by Police Officers [15]. | |
Judicial precedent | It has been adjudged that the legitimacy of the purpose of providing information and the suitability of the means must be recognized. |
However, the relatively long-term care benefit details of the past 2 to 3 years do not constitute information that can allow immediately identifying, at least, a suspect’s location. | |
There are various ways to track the location of criminals. Therefore, it has been adjudged that the act of providing information is not a way to minimize the invasion of privacy. | |
In particular, the payment date and the nursing home’s name are important pieces of information for predicting the offender’s type and the severity of the disease. | |
Since the above constitutes comprehensive information about the health status of wanted criminals, it is regarded as sensitive information that is closely related to the intimate aspects of an individual's personality and personal information. | |
The Constitutional Court held that sensitive information requires greater protection than does other general personal information because it is related to the core of an individual’s personality and privacy. | |
Therefore, it was decided that, in this case, the act of providing information violated the principle of excessive prohibition and right to self-determination of personal information. |