Harmonization Over the Regulations of Electronic Medical Records and its Potential to be Abused

Abstract

The rapid development of information and communication technology has brought changes to the mechanismfor storing electronic medical records (EMR). EMR is very important to protect and provide comfort andconvenience for health services. However, it is very susceptible to be abused by hackers. This study aimsto harmonize amongst relevant laws on EMR and to identify the legal protection of EMR from abuse byhackers. This research uses a normative research method to harmonize legal norms and regulations relatedto EMR that already exist in Indonesia. Legal protection of EMR in Indonesia has not been implementedproportionally even though the regulation on EMR has been stipulated clearly in the Minister of HealthRegulation No. 269/ 2008 concerning Medical Records and various relevant Laws on it. There are noderivative laws related to EMR as mandated by the Minister of Health Regulation No. 269/2008 whichbecomes an obstacle to the effective implementation of EMR. The existence of an EMR is Also verysusceptible to be abused by hackers. So, cyber security is needed for health workers, both individually andinstitutionally to protect EMR. In conclusion, EMR has been regulated in Indonesian Laws, but it has notbeen governed into derivative laws to be implemented a proportionally. Therefore, harmonization those lawswill narrow the gaps amongst them. Further norms and regulations regarding EMR are needed to createcybersecurity which is potential to be hacked.