生效日: 2024年05月18日,版本: v1.1.0
Effective Date: May 18, 2024, Version: v1.1.0
本數據處隱私資料保護以追求個人隱私保護條件下,最小化資料蒐集和去識別化為原則,執行本數據處各項業務。本數據處個人資料保護目標為「尊重個人隱私、合法處理利用;強化隱私保護,確保學術研究推動」。以期建立一個機密性、完整性與可用性的個人資料蒐集、處理與利用安全環境,並達成本數據處訂定之個人資料防護目標。本公司個人資料保護政策包括:
The data office’s privacy data protection is based on minimizing data collection and de-identification, in order to protect personal privacy in executing various tasks. The goal of personal data protection by the data office is to "respect personal privacy, legally process and utilize data; strengthen privacy protection, and ensure the advancement of academic research." We aim to establish a secure environment for the collection, processing, and use of personal data in terms of confidentiality, integrity, and availability, achieving the personal data protection objectives set by the office. Our personal data protection policy includes:
1. 對個人資料之蒐集、處理與利用,不逾越特定目的及業務必要範圍,並依法履行告知義務。
The collection, processing, and use of personal data shall not exceed the specified purposes and necessary scope of business, and we will fulfill the legal obligation of notification.
2. 提供當事人明確訊息,其個人資料之蒐集、利用與處理的範圍和期限。
Providing clear information to the subject regarding the scope and duration of the collection, use, and processing of their personal data.
3. 僅處理相關且適當的個人資料。
Only processing relevant and appropriate personal data.
4. 盤點個人資料以建立清冊,並指定專責人員依規定保管。
Taking inventory of personal data to establish a registry and appointing responsible personnel to manage it according to regulations.
5. 維護個人資料之正確性,並於必要時更正或補充。
Maintaining the accuracy of personal data and correcting or supplementing it when necessary.
6. 確保當事人依法對其個人資料所得行使之權利。
Ensuring that the data subject can exercise their rights regarding their personal data as stipulated by law.
7. 強化個人資料、人員、設備管理及資通安全防護,以確保個人資料之安全。
Strengthening the management of personal data, personnel, equipment, and information security to ensure the safety of personal data.
8. 施行個人資料保護管理制度,強化個人資料之保護。
Implementing personal data protection management systems to enhance personal data protection.
9. 委託他人蒐集、處理、利用及傳輸個人資料時,對受託單位為適當之監督。
Supervising the entrusted unit appropriately when delegating others to collect, process, use, or transfer personal data.
10. 於個人資料保護法所允許例外情形之個資應用,確保其適當性與合法性。
Ensuring the appropriateness and legality of personal data use in exceptional cases allowed by the Personal Data Protection Act.
網站隱私權宣告
Website Privacy Policy
感謝您瀏覽和使用「臺北醫學大學數據處」(以下簡稱本網站),臺北醫學大學數據處(以下簡稱本數據處)尊重並依法保護用戶個人資料及隱私權。為了協助您瞭解本網站如何蒐集、處理、利用及保護您所提供的個人資料,因此制訂了隱私權保護宣告。請在使用本網站服務前,詳細閱讀本網站隱私權宣告內容。當您使用本網站服務時,表示您已詳細閱讀且同意本網站隱私權宣告。
Thank you for browsing and using the "Taipei Medical University Data Office" (hereinafter referred to as "this website"). The Taipei Medical University Data Office (hereinafter referred to as "the Data Office") respects and legally protects users' personal data and privacy. To help you understand how this website collects, processes, uses, and protects your personal data, we have formulated this privacy protection statement. Please carefully read the privacy statement before using the services of this website. When you use this website's services, it means you have read and agreed to the privacy statement.
隱私權保護宣告的適用範圍
Scope of the Privacy Statement
以下的隱私權宣告,適用於您在使用本網站及其所提供之服務時,所涉及的個人資料蒐集、運用與保護。但不適用於與本網站功能連結之網站。
The following privacy statement applies to the collection, use, and protection of personal data involved when you use this website and its services. However, it does not apply to websites linked to this website.
凡經由本網站連結之網站,各網站均有其專屬之隱私權保護政策或宣告,本網站不負任何連帶責任。當您連結這些網站時,關於個人資料的保護,適用各該網站的隱私權政策或宣告。蒐集的個人資料類型、蒐集目的及使用方式單純在本網站的瀏覽及檔案下載行為,本網站並不會蒐集任何有關個人的身份資料。
All websites linked through this website have their own privacy protection policies or declarations, and this website is not responsible for them. When you link to these websites, personal data protection is governed by their respective privacy policies or statements.
Types of personal data collected, purpose of collection, and method of use: When simply browsing or downloading files from this website, no personal identification data is collected.
當您於利用本網站所提供的服務信箱、註冊成為電子報訂閱會員等服務時,本網站會依案件辦理需求請您提供姓名、身份證字號、聯絡電話、電子郵件地址(e-mail)、通訊地址及戶籍地址等個人資料。您提供的個人資料,僅作為本數據處執行法定職務或處理您個人服務請求使用。凡未經您主動提供之個人資料,例如使用者機器的 IP 位址、上網時間及在網站內所瀏覽及點選的紀錄等資料,僅提供本網站之網站管理單位作為網站流量及網路行為調查的總量分析。其目的是運用於評估及提升本網站的服務品質。
When using services provided by this website, such as the service mailbox or registering for a newsletter subscription, the website may request personal information such as your name, ID number, contact number, email address, mailing address, and residence address as required for processing. The personal data you provide is used solely for the Data Office to perform statutory duties or process your service requests. Personal data not actively provided by you, such as your device's IP address, access times, and records of browsing and clicking within the website, are only used by the website's management unit for aggregate analysis of website traffic and user behavior. The purpose of this analysis is to assess and improve the quality of services provided by the website.
臨床數據去識別化處理
Clinical Data De-identification Process
本數據處為提升資料深度與廣度,以及完善數據服務,進行數據資源整合,包含附屬醫院臨床資料庫、健保資料庫、生物資料庫、校務研究資料庫等資源。自2015年起,臺北醫學大學開始整合三家附屬醫院(臺北醫學大學附設醫院、萬芳醫院、雙和醫院)的電子病歷,建立臺北醫學大學臨床研究資料庫(TMUCRD)。該資料庫結合了三千張病床的各種電子病歷數據,包括結構化數據(例如病患基本資料、死因、就醫資訊、癌症登記、生命徵象、疼痛量表、檢驗結果、細菌培養報告、診斷、治療步驟、手術、出院病摘、用藥情形、慢性病連續處方箋、醫材、和住院營養評估等資訊)和非結構化數據(例如醫師記錄、病理報告、檢查及放射影像報告),並前處理及驗證成可分析的研究數據。TMUCRD數據的涵蓋期間為1998年至2022年。自2008年以起,因雙和醫院加入北醫體系,該資料庫涵蓋了三家醫院的完整數據,包括12個類別、71張資料表和2,611個欄位,且各類資料表可相互鏈接。截至2022年底,該資料庫共累積了全台灣約430萬名病患的就醫資訊。
To enhance the depth and breadth of data and improve data services, the Data Office integrates data resources, including affiliated hospital clinical databases, National Health Insurance databases, biobanks, and academic research databases. Since 2015, Taipei Medical University has integrated electronic medical records from its three affiliated hospitals (Taipei Medical University Hospital, Wanfang Hospital, and Shuang Ho Hospital) to establish the Taipei Medical University Clinical Research Database (TMUCRD). This database consolidates various electronic medical record data from 3,000 hospital beds, including structured data (such as patient demographics, cause of death, medical history, cancer registry, vital signs, pain scales, test results, bacterial culture reports, diagnoses, treatments, surgeries, discharge summaries, medication records, chronic disease prescriptions, medical devices, and inpatient nutritional assessments) and unstructured data (such as physician notes, pathology reports, examination and radiology reports), which are pre-processed and validated for research analysis. The TMUCRD dataset covers the period from 1998 to 2022. Since 2008, with the addition of Shuang Ho Hospital to the TMU system, the database has included comprehensive data from three hospitals, comprising 12 categories, 71 data tables, and 2,611 fields, with the ability to link between tables. By the end of 2022, the database had accumulated medical information on approximately 4.3 million patients across Taiwan.
臺北醫學大學數據處臨床數據中心整合一校三院(北醫附醫、萬芳醫院、雙和醫院)各類臨床相關真實世界資料(real-world data),且串聯政府開放資料(open data),以建立資料整合治理、科學視覺化洞察,並提供雲端化、多元化整合的大數據生態、數據處理、推廣與協作等服務。使本校及附屬醫院之人員可善用臨床、申報、登錄等資料進行研究,作為臨床試驗的參考依據,並配合當代精準醫療趨勢,強化與國內外生醫產業合作研究,最終提升臺灣醫療品質並促進醫療產業提升。
The Clinical Data Center of the Taipei Medical University Data Office integrates various clinical real-world data from one university and three hospitals (TMU Hospital, Wanfang Hospital, and Shuang Ho Hospital) and links them with government open data to establish data governance, scientific visual insights, and provide cloud-based, diversified, big data ecosystems, data processing, promotion, and collaboration services. This enables TMU and its affiliated hospital staff to leverage clinical, reporting, and registration data for research, serving as a reference for clinical trials. In line with contemporary precision medicine trends, the center strengthens collaborations with domestic and international biomedical industries, ultimately improving the quality of healthcare in Taiwan and promoting advancements in the medical industry.
本數據處為落實隱私保護與遵循ISO國際標準規範,於2024年導入個資去識別化過程管理系統(personal information deidentification process management system, PIDIPMS)。期藉由去識別化過程以個資整體生命週期為保護基礎,評估資料利用之風險,包括隱私權政策、隱私風險管理、隱私保護原則、去識別化過程、重新識別評鑑等標準作業程序,確保從臨床數據中個人身分訊息被安全處理。將採取一系列技術和流程,無從辨識該特定之個人,以保護病患隱私。這包括但不限於去識別化、差分隱私、概化、揭露限制方法、權限控制和監控等措施。同時,將嚴格遵守相關法律規範,確保對數據的合法使用和保護。
To implement privacy protection and comply with ISO international standards, in 2024, the Data Office will introduce the Personal Information De-Identification Process Management System (PIDIPMS). This de-identification process aims to protect personal data across its entire life cycle by assessing data usage risks, including privacy policies, privacy risk management, privacy protection principles, the de-identification process, re-identification evaluations, and other standard operating procedures, ensuring that personal information in clinical data is securely handled. A series of technologies and procedures will be employed to ensure that specific individuals cannot be identified, thereby protecting patient privacy. This includes, but is not limited to, de-identification, differential privacy, generalization, disclosure limitation methods, access control, and monitoring measures. Additionally, strict compliance with relevant legal regulations will be maintained to ensure the lawful use and protection of data.
個人資料之保全
Protection of Personal Data
本網站所蒐集的個人資料,皆經過加密或保護機制處理。以確保資料傳輸過程不會被第三者非法擷取。
All personal data collected by this website is processed with encryption or protective mechanisms. This ensures that the data transmission process cannot be illegally intercepted by third parties.
個人資料分享及公開方式
Sharing and Disclosure of Personal Data
本數據處有義務保護您的個人資料及隱私。非經您的同意不會提供您個人資料的全部或一部分給其他團體、個人或私人企業。但有下列情形者除外:
The Data Office is obligated to protect your personal data and privacy. Without your consent, we will not provide your personal data, in whole or in part, to any other group, individual, or private company. However, exceptions are as follows:
1. 中華民國司法檢調單位透過合法程序進行調閱。
The Republic of China judiciary or investigation units request of data through legal procedures.
2. 配合相關職權機關依職務需要之調查或使用。
Assisting relevant authorities with investigations or duties as required.
3. 基於善意相信揭露為法律需要。
In good faith belief that disclosure is necessary by law.
4. 基於主動衍生政府網站服務效益之考量。
For the purpose of proactively enhancing the benefits of government website services.
5. 保護本網站其他使用者之合法使用權益。
To protect the legitimate usage rights of other users of this website.
個人資料使用期間與地區
Duration and Area of Personal Data Use
本網站僅在中華民國境內利用您的個人資料。您在本網站所輸入的個人資料,將基於前述蒐集目的永久保存。
This website only uses your personal data within the territory of the Republic of China (Taiwan). The personal data you enter on this website will be permanently retained for the purposes outlined above.
個人資料權利行使方式
How to Exercise Your Personal Data Rights
當您在使用本網站及其所提供之服務後,您可以經由本隱私權宣告提供之「隱私權保護之諮詢」聯絡管道,向本數據處要求查閱、更正及補充您的個人資料。有以下情形者,本網站將以停止蒐集、處理或利用個人資料之方式代替刪除個人資料:
After using this website and its services, you may contact the Data Office through the "Privacy Protection Consultation" channel provided in this privacy statement to request access, correction, or supplementation of your personal data. In the following situations, this website will stop collecting, processing, or using your personal data instead of deleting it:
1. 有法令規定。
When required by law.
2. 有契約約定之保存期限。
When there is a contractual retention period.
3. 有理由說明刪除時將侵害當事人保護利益。
When deletion would harm the interests of the data subject, as reasonably explained.
隱私權保護之諮詢
Privacy Protection Consultation
若您對本網站的隱私權保護宣告或個人資料行使權利有任何疑問,請透過本網站提供之服務信箱,與本數據處聯繫,本數據處將依相關法令規定聯繫處理。
If you have any questions about this website's privacy protection statement or exercising your personal data rights, please contact the Data Office through the service mailbox provided on this website, and the Data Office will respond according to relevant laws and regulations.
臺北醫學大學臨床研究資料庫Taipei Medical University Clinical Research Database (TMUCRD)
Tel: (02)6620-2589 #10405~7
Email: odscdc@tmu.edu.tw