<![CDATA[The development of information technology in healthcare systems has encouraged the digitalization of medical records, raising new legal issues concerning the protection of patients’ personal data. This study aims to analyze the legal responsibility of hospitals in securing electronic medical records and to evaluate whether existing Indonesian regulations provide adequate legal protection. This is a normative legal research using statutory and conceptual approaches, based on primary and secondary legal materials. The results show that hospitals hold clear legal responsibility to protect patient data security, as mandated by Law Number 17 of 2023 on Health, Law Number 27 of 2022 on Personal Data Protection, and other related regulations. The legal responsibility includes civil, criminal, and administrative aspects. Although a legal framework is in place, its implementation remains insufficient due to the lack of comprehensive sector-specific technical regulations. Therefore, operational derivative regulations, improved hospital information security systems, and stronger government oversight and public participation are necessary to ensure the effective protection of patients' privacy rights in the digital era.]]>
Copyrights © 2025
