HEALTH DATA OWNERSHIP IN MALAYSIA PUBLIC AND PRIVATE HEALTHCARE: A LEGAL ANALYSIS OF HEALTH DATA PRIVACY IN THE AGE OF BIG DATA

Abstract

Health data ownership in big data is a new legal issue. The problem stands between the public and private healthcare as the main proprietor of health data. In Malaysia, health data ownership is under government hospitals and private healthcare jurisdictions. Who owns the data will be responsible for safeguarding it, including its privacy. Various technical methods are applied to protect health data, such as aggregation and anonymization. The thing is, do these technical methods are still reliable to safeguard privacy in big data? In terms of legal protection, private healthcare is governed under Personal Data Protection Act 2010, while the same Act does not bind the government. With the advancement of big data, public and private healthcare are trying to extract values from health data by processing big data and its analytical outcomes. Considering that health data is sensitive due to its nature which contains personal information of individuals or patients, had raised an issue as to whether the proprietor could provide adequate legal protection of health data. Personal Data Protection Act 2010 is still applicable in giving protection for health data for private healthcare, but what are the laws governing health data privacy in public healthcare? This article aims to answer the questions by analyzing legal sources relevant to health data privacy in big data. We propose a regulatory guideline that follows the GDPR as a legal reference model to harmonize the public and private healthcare ownership of health data better to protect the privacy of individuals in big data.