□ 의료기관에서의 개인정보보호 및 정보보안관리 실태 파악을 기반으로 하여 이에 대한 문제점 및 취약점을 분석하여 이에 대한 정책방안을 제시하고자 함. ○ 의료기관 종류별(종합병원, 병원, 의원 등) 개인정보보호 및 정보보안관리 기준 정립 ○ 의료기관 종류별 개인정보보호 및 정보보안관리 현황, 문제점 파악 ○ 의료기관 개인건강정보보호 및 정보보안관리체계 구축과 이를 위한 정책방안 마련
ㅁAccording to rapid development of information technology, mobility and accessibility to personal medical records have been on the rise in medical industry. At the same time, a risk of breach of personal medical information has gradually increased. ㅁTherefore, this study has attempted to investigate how the sensitive personal health data which can cause a serious problem if breached have been managed in medical institutes, analyze the weakness and problems of the management and come up with decent policies. ㅁFor this, the following four surveys have been conducted; current management of personal medical records in medical clinics and medical doctors’ awareness on the protection of personal medical information, control of personal medical records by the medical record manager in the medical clinic, current management of privacy policy through analysis on the website of the medical clinic, the general public’s awareness on the protection of personal medical records. ㅁThen, the following results have been obtained: ○ In terms of awareness on five rights concerning Personal Information Protection Act-related personal information subjects, doctors (65.1%) were higher than the general public (57.7%). ○ Doctors believe that the public’s interest in their medical records is 2.21 out of 5 scores. ○ In terms of importance of protection of personal information, the general public (4.25) were higher than doctors (4.06). ○ In terms of the control of personal medical information, doctors (2.94) were higher than the public (2.49). ○ In terms of disclosure of personal information policy, hospitals (81.0%) were higher than medical clinics (46.7%). ㅁBased on these results, this study can be concluded as follows: ○ Recently, regulations on the protection of personal information have become more stringent. Therefore, it is necessary to develop a decent personal medical data management plan with more interest in medical sectors. For this, it is required to investigate current situations on a regular basis. ○ Within the conventional self-regulatory personal information protection authentication system, it is needed to come up with evaluation criteria specialized for a medical sector. In addition, it’s necessary to strengthen the assessment categories associated with the protection of personal medical information within the current authentication assessment system. ○ Furthermore, there should be more aggressive PR and education activities against the general public, medical workers (medical doctors, hospital employees) and employees of medical information system developers. ○ It is also required to develop customized education contents by type of medical institute, circumstance and duty and provide them systematically. ○ It is needed to deal with issues associated with the protection of personal medical records in health-related portals and mobile apps as well as in medical institutes and public organizations as well.
목차
Abstract 1 요 약 5 제1장 서 론 19 제1절 연구배경 및 목적 21 제2절 연구내용 및 방법 24 제2장 이론적 배경 29 제1절 개념 및 특성 31 제2절 의료정보화와 개인의료정보보호 44 제3장 의료부문 개인정보보호관련 정책현황 51 제1절 관련 법‧제도 53 제2절 관련 현황조사 70 제3절 관련 인증제도 99 제4장 국내 의료기관의 개인정보보호 관리현황 및 개인의료정보보호에 대한 인식현황 127 제1절 조사설계 129 제2절 조사실시 및 조사결과 139 제5장 결론 및 정책적 제언 185 제1절 결론 187 제2절 정책제언 190 참고문헌 197
