유럽 건강데이터 공간(EHDS) 규정과 독일 건강데이터 사용법(GDNG) 및 디지털법(DigiG)에 관한 최근 독일에서의 논의 및 시사점

The European Health Data Space(EHDS) Regulation has been published in the Official Journal of the EU, marking a significant step toward creating a secure and efficient digital health ecosystem within the European data strategy. The EHDS will establish a framework for accessing and using electronic health data across EU Member States, promoting innovation and competitiveness in healthcare. Key benefits include: ⅰ) Empowering Citizens: Offering better control over personal health data and easy access to medical records across the EU(primary use), ⅱ) Strengthening Data Re-use: Allowing anonymized or pseudonymized health data to be used for research, innovation, public health, and policymaking, while ensuring compliance with EU data protection and cybersecurity standards(secondary use). EHDS allows for an opt-out system to ensure patient self-determination and sets technical standards for data interoperability and security. Germany established the institutional foundation for the implementation of EHDS through the Health Data Utilization Act (Gesundheitsdatennutzungsgesetz, GDNG) and the Digital Act (Digitalgesetz, DigiG). Beyond simple data sharing, EHDS serves as the foundation for building an EU-wide digital healthcare ecosystem. Germany is responding with preemptive legislation, but the actual implementation process presents technical, ethical and legal challenges. For the successful establishment of EHDS in the future, the following efforts are necessary; Establishing a patient-centered data governance system, Encouraging participation from healthcare institutions and industry, and Ensuring international data standardization and interoperability. The contents of EHDS are expected to have great implications for discussions on legislation and policy establishment for the use and protection of digital-based medical data in Korea. In Korea, the recent revision of the three data laws has opened the way for digital transformation and promotion of data utilization in the healthcare sector. Accordingly, the Ministry of Health and Welfare has published guidelines for the use of health and medical data, providing standards for reference by personal information processors. The guidelines for the use of healthcare data are focused on its use and are far removed from measures to protect data subjects. Accordingly, in order to strengthen the rights and protection of data subjects in the use of medical data, separately from the provisions of the Personal Information Protection Act, it is necessary to actively review measures to secure the consent of data subjects. It is necessary to consider additional measures or legislative supplements to promote the usefulness of using personal information and pseudonymized information for public interest purposes and secure the consent of data subjects while continuously supplementing measures to protect personal privacy and strengthen data security in the use of health and medical data, with the Ministry of Health and Welfare at the center. In addition, despite the revision of the Personal Information Protection Act and the establishment of guidelines for the use of healthcare data, it is difficult to secure legal binding force in the regulatory system regarding the use of healthcare data as it is centered on guidelines, so there is a need to enhance legal stability through independent laws.