The purpose of this study is to understand the impact of the implementation of the Personal Data Protection Law (PDP Law) on the management of consumer health data in Indonesia, with a focus on enhancing secure and confidential handling. In the midst of the rapidly evolving digitalisation era, the management of personal data, especially those related to health information, requires strict and effective legal regulation. This is becoming increasingly urgent given the increasing incidents of data leaks and privacy violations, one of which occurred in the leak of the Indonesian Ministry of Health's server which collected 6 million patient medical record data. The research method used is normative juridical with a conceptual approach and a statutory approach, where secondary data is broken down into three different types of legal materials, namely primary, secondary, and tertiary legal materials. The PDP Law and Consumer Protection Law are the primary legal sources, accompanied by the use of relevant literature as secondary legal sources as well as dictionaries and encyclopedias as tertiary legal materials to further explain. The novelty of this research lies in the comprehensive analysis of the existing regulations and their applicability in the health context, as well as considering the increasing public awareness of their rights to personal data. The results show that although challenges such as uneven technological infrastructure and lack of awareness among health staff still exist, the measures taken through the PDP Law have created a strong foundation for better health data protection in the future, improving security and confidentiality in health data management.
Read full abstract