Health Data Privacy under the GDPR: Big Data Challenges and Regulatory Responses

The growth of data-collecting goods and services, such as ehealth and mhealth apps, smart watches, mobile fitness and dieting apps, electronic skin and ingestible tech, combined with recent technological developments such as increased capacity of data storage, artificial intelligence and smart algorithms, has spawned a big data revolution that has reshaped how we understand and approach health data. Recently the COVID-19 pandemic has foregrounded a variety of data privacy issues. The collection, storage, sharing and analysis of health- related data raises major legal and ethical questions relating to privacy, data protection, profiling, discrimination, surveillance, personal autonomy and dignity.

This book examines health privacy questions in light of the General Data Protection Regulation (GDPR) and the general data privacy legal framework of the European Union (EU). The GDPR is a complex and evolving body of law that aims to deal with several technological and societal health data privacy problems, while safeguarding public health interests and addressing its internal gaps and uncertainties. The book answers a diverse range of questions including: What role can the GDPR play in regulating health surveillance and big (health) data analytics? Can it catch up with internet-age developments? Are the solutions to the challenges posed by big health data to be found in the law? Does the GDPR provide adequate tools and mechanisms to ensure public health objectives and the effective protection of privacy? How does the GDPR deal with data that concern children's health and academic research?

By analysing a number of diverse questions concerning big health data under the GDPR from various perspectives, this book will appeal to those interested in privacy, data protection, big data, health sciences, information technology, the GDPR, EU and human rights law.

數據收集商品和服務的增長，例如電子健康和移動健康應用程式、智能手錶、移動健身和節食應用程式、電子皮膚和可食用技術，再加上最近的技術發展，如數據存儲容量的增加、人工智能和智能算法，催生了一場大數據革命，重塑了我們對健康數據的理解和處理方式。最近的COVID-19大流行凸顯了各種數據隱私問題。健康相關數據的收集、存儲、共享和分析引發了與隱私、數據保護、個人概況、歧視、監控、個人自主權和尊嚴有關的重大法律和倫理問題。

本書以歐洲聯盟（EU）的《一般數據保護條例》（GDPR）和一般數據隱私法律框架為背景，探討健康隱私問題。GDPR是一部複雜且不斷發展的法律，旨在應對幾個技術和社會健康數據隱私問題，同時保護公共健康利益並解決其中的內部缺陷和不確定性。本書回答了各種問題，包括：GDPR在規範健康監控和大數據分析方面可以發揮什麼作用？它能跟上互聯網時代的發展嗎？解決大健康數據帶來的挑戰的解決方案是否可以在法律中找到？GDPR是否提供足夠的工具和機制來確保公共健康目標和有效保護隱私？GDPR如何處理涉及兒童健康和學術研究的數據？

通過從不同角度分析GDPR下關於大健康數據的一系列問題，本書將吸引那些對隱私、數據保護、大數據、健康科學、信息技術、GDPR、歐盟和人權法律感興趣的讀者。

Dr. Maria Tzanou is Senior Lecturer in Law at Keele University, United Kingdom.

Dr. Maria Tzanou 是英國基爾大學的法學高級講師。