CONTENTS
- 1. Healthcare Industry | Concept Overview and Analysis of Key Trends
  - Types of the Healthcare Industry
- 2. Healthcare Industry | Legal Risks
  - Violation of the Medical Service Act
  - Violation of the Personal Information Protection Act
  - Violation of the Pharmaceutical Affairs Act
- 3. Healthcare Industry | Key Provisions of the Digital Medical Products Act
  - Mobile Healthcare
  - Telemedicine
  - Health and Medical Analytics
  - Digital Health and Medical System
- 4. Healthcare Industry | Legal Risk Checklist

1. Healthcare Industry | Concept Overview and Analysis of Key Trends

The healthcare industry refers to the service and product industry that encompasses the prevention, diagnosis, treatment, and rehabilitation of disease, as well as health management overall.
It is developing into a broad industry that includes not only the traditional hospital, pharmaceutical, and medical-device sectors but also, more recently, digital healthcare, gene-tailored medicine, telemedicine, healthcare data platforms, health management apps, medical healthcare food, healthcare AI, and medical tourism.
The key trends in the healthcare industry are as follows.
Rapid growth in the markets for wearable devices, smart hospitals, healthcare apps, telemedicine, and digital therapeutics (DTx)
② Genetic and personalized medicine
Expansion of genetic testing, precision-medicine-based new drug development, cancer gene panel testing, and genome analysis services
③ AI-based diagnostic and predictive services
AI image reading, AI diagnostic assistance, smart bed systems, and big-data-based disease prediction solutions
④ Age-friendly healthcare services
Management of chronic disease in the elderly, home medical care, silver healthcare centers, and smart care platforms
⑤ Healthcare platform services
Integrated healthcare platform services linking hospitals, pharmacies, insurance, exercise, and dietary habits
Types of the Healthcare Industry
The types of the healthcare industry include the following.
| Category | Key Content |
|---|---|
| Hospitals and Medical Institutions | Hospitals, long-term care hospitals, dental clinics, oriental medicine hospitals, examination centers |
| Pharmaceuticals and Bio | New drugs, biopharmaceuticals, vaccines, medical compounds |
| Medical Devices | CT, MRI, in-vitro diagnostic devices, smart devices |
| Digital Healthcare | Telemedicine, healthcare apps, wearable devices |
| AI Healthcare | AI diagnostic assistance, big-data-based disease prediction |
| Health Functional Food and Healthcare Food | Health foods, medi-food, functional ingredients |
2. Healthcare Industry | Legal Risks
The following examines the types of legal risks that may arise in the healthcare industry.
Violation of the Medical Service Act
In the healthcare industry, the risk of violating the Medical Service Act may be very high.
A representative example is the establishment of a hospital by a non-medical person, the so-called ‘office-manager hospital’ problem.
This refers to a case in which a non-medical person establishes a hospital under a borrowed name, or becomes involved in its management, in order to actually operate the hospital and profit from it.
If detected, it may lead to an order to close the hospital, penalty surcharges, and criminal punishment, as well as a claim by the National Health Insurance Service to recover unjust gains, so corporate-type medical institutions in particular must take care.
In addition, violations of medical advertising law are also frequent.
False, exaggerated, or consumer-misleading wording, and online advertisements that have not gone through review, may lead to administrative dispositions and criminal punishment.
Telemedicine is also permitted only on a limited basis under current law, so remote treatment or diagnostic acts that exceed the permitted scope are regarded as illegal telemedicine and incur legal liability.
Violation of the Personal Information Protection Act
The core assets of the healthcare industry are patients' personal information and sensitive health information.
If this patient personal information is collected without authorization or provided to a third party, serious sanctions may be imposed for violation of the Personal Information Protection Act.
In particular, if there is no lawful consent and no security measures in the process of collecting and using patients' image information, medical records, biodata, and genetic information in AI-based diagnostic services or healthcare platforms, penalty surcharges, civil liability for damages, and criminal punishment may be imposed concurrently.
Even when patient health information is used for AI and big-data analysis, a thorough legal review is needed regarding pseudonymization requirements, whether the data subject has consented, whether the data is transferred to an overseas server, and similar matters.
Violation of the Pharmaceutical Affairs Act
Medical devices, health functional foods, and special nutritional foods provided by hospitals are all subject to regulation under the Pharmaceutical Affairs Act.
The manufacture or sale of unapproved medical devices, the distribution of unreported imported medical devices, and the sale of uncertified health functional foods are all subject to criminal punishment, business suspension, and the imposition of penalty surcharges.
In particular, exaggerated advertising and false labeling that occur inadvertently through online distribution channels and in-hospital sales channels are also serious violations.
Advertisements that violate the standards in notifications of the Ministry of Food and Drug Safety or that exaggerate disease-prevention or treatment efficacy may lead to penalty surcharges and criminal punishment. Such risks have recently arisen frequently in healthcare shopping malls operated by medical institutions themselves, in YouTube advertisements, and the like, so greater care is needed.
3. Healthcare Industry | Key Provisions of the Digital Medical Products Act

The key provisions of the Digital Medical Products Act that a business owner operating in the healthcare industry must know are as follows.
1. Purpose and Scope of Application
▶Scope of application: Applies to medical devices to which advanced digital technologies such as AI, robotics, and VR/AR are applied, to drug-device convergence products, or to health management support products
2. Product Classification and Grade Designation
▶Digital convergence drugs: Products combining a drug and a digital medical device (for example, a pill plus a sensor plus software)
▶Digital medical and health support devices: Products that collect and analyze biosignals for the purpose of maintaining and promoting health, with a low risk of harm to the human body under the Act
▶Grade system: Classified into grades 1 through 4 according to the intended use and risk, with the notification, certification, and approval procedures differentiated by grade
3. Procedures for Production and Import Approval and Certification
▶Digital convergence drugs: The existing drug approval procedure requires the submission of safety and efficacy data that include the digital components
▶Digital medical and health support devices: Because the risk of harm is low, they may be manufactured, imported, and sold without notification, but they may obtain voluntary performance certification
4. Quality Control and Security Obligations
▶Security guidelines: An obligation to establish a security management system to block electronic intrusions (hacking, data breaches, and the like)
▶Excellent management system certification: A manufacturer that obtains certification may receive preferential treatment in the licensing and quality control procedures
5. Clinical Trials and Real-World Evaluation
▶Real-world evaluation: After approval, actual market-use data may be collected to allow additional evaluation
6. Regulatory Innovation and Corporate Support Framework
▶Establishment of support infrastructure: Institutional infrastructure such as workforce training, international cooperation, standardization, R&D support, and the designation of regulatory support centers is specified in the Act
The following examines the main types of digital healthcare.
Mobile Healthcare
Mobile healthcare refers to a service that uses mobile devices such as smartphones, wearable devices, and tablets to measure and manage an individual's health status in real time.
The most familiar example is a smartwatch such as the Apple Watch.
Through this device, heart rate, amount of exercise, sleep time, stress index, and the like are measured, and based on this, the user is provided with exercise recommendations, sleep-pattern improvement, health reports, and similar services.
Recently, specialized mobile healthcare services by field, such as blood-glucose management apps for patients with chronic disease, medication-reminder apps, and pregnancy and childbirth management apps, have also been spreading rapidly.
Telemedicine
Telemedicine refers to a non-face-to-face medical service in which a patient consults with and receives treatment from medical staff through voice, video systems, and the like without visiting a hospital in person.
It expanded worldwide, particularly as a result of the COVID-19 pandemic, and it plays an essential role for the elderly who have difficulty moving, patients with impaired mobility, cases that require the prevention of infectious disease, and similar situations.
Telemedicine has the advantage of enabling rapid information transfer, diagnosis, and prescription, so it is expected to expand gradually into non-face-to-face treatment, remote monitoring, and remote collaborative care systems.
In Korea as well, legislation and safety standards for telemedicine are being actively discussed.
Health and Medical Analytics
Health and medical analytics is a field that collects and analyzes an individual's medical data, lifestyle habits, genetic information, medical records, medical imaging data, and the like to predict disease and design personalized treatment.
With the development of artificial intelligence (AI) and big-data technology, vast amounts of medical data can be analyzed precisely, and this is being used in the early diagnosis of serious illnesses and the development of treatments for intractable diseases.
In particular, it is being applied to genetic-analysis-based personalized medicine, predictive medicine services, and cancer precision-medicine programs, and it is expected to grow into a core field of AI-based precision medicine in the future.
Digital Health and Medical System
A digital health and medical system is a framework that computerizes patients' health records, treatment histories, test results, and the like to exchange and manage information digitally among medical institutions, or between a medical institution and a patient.
From the patient's standpoint, it has the advantage that the patient can store his or her own medical information safely and, even when changing hospitals, can receive consistent treatment because treatment records and prescriptions are linked.
Medical institutions can provide data-based medical services and can pursue improvements in treatment efficiency and the quality of care.
This system is regarded as core infrastructure of the healthcare industry, encompassing medical information protection, data standardization, and the development of information-linkage platforms, and it is spreading in both public and private hospitals.
4. Healthcare Industry | Legal Risk Checklist

We hope the legal risk checklist below helps you avoid legal problems when operating in the healthcare industry.
1. The Medical Service Act and the Prohibition of Medical Practice by Non-Medical Persons
□Whether the healthcare service constitutes a medical practice
□Whether it includes a medical practice by a non-medical person or the establishment or operation of a medical institution
□Confirmation of the legal scope of telemedicine and remote monitoring services
□Whether medical advertising and the provision of medical information comply with legal regulations
2. The Personal Information Protection Act and the Protection of Medical Information
□Lawfulness of consent and notice when collecting, using, and providing sensitive information (health information)
□Whether encryption, access control, and storage and destruction policies for personal information are established
□Whether lawful cross-border transfer measures are in place when using overseas cloud servers
□Whether de-identification and anonymization measures for medical data are appropriate
□Securing a response manual and reporting system for personal information breach incidents
3. The Digital Medical Products Act and Licensing Risks
□Whether a digital healthcare product or software is classified as a medical device
□Whether the licensing procedure is carried out when it is classified as medical device software (SaMD)
□Whether there is a violation of medical-device advertising review and labeling and advertising regulations
□Whether the disclosure and reporting obligations under the Digital Medical Products Act are complied with
4. The Pharmaceutical Affairs Act and the Management of Drugs and Health Functional Foods
□Lawfulness of providing information on drugs, medical supplies, and health functional foods within the healthcare service
□Whether there is a violation of drug advertising regulations or of laws governing promotional materials aimed at general consumers
□Confirmation of the lawfulness of drug delivery and distribution management
5. Legal Requirements for Telemedicine and Non-Face-to-Face Treatment
□Confirmation of the diseases and patient scope for which telemedicine may be conducted
□Legal appropriateness of the methods of issuing prescriptions and delivering dispensed medicine in non-face-to-face treatment
□Whether procedures for the retention of treatment records and the collection of patient consent forms are established
6. Whether There Is a Violation of the Consumer Protection Act and the Act on Fair Labeling and Advertising
□Whether the descriptions and advertising wording of products and services aimed at consumers contain false or exaggerated expressions
□Whether medical efficacy or effects without scientific basis are stated
□Conformity of service cancellation and refund policies with the consumer dispute resolution standards
7. Whether Platform Operators Are Registered as Mail-Order Sellers
□Whether mobile-app and web-based healthcare platform operators fulfill the registration obligation
□Lawfulness of the disclosure items and contract conclusion process under the laws on mail-order sales and electronic commerce
□Management of risks related to intermediary liability when operating a transaction-brokering platform
8. Legal Review of Data Use and AI Algorithms
□Liability for misdiagnosis by AI diagnostic-assistance programs and the risk of medical accidents
□Lawfulness of providing and using medical information for the training data of AI services
□The scope of the use of public data and private data in data-based services
9. Medical Accidents and Liability for Damages
□Whether the party responsible is clearly identified when medical malpractice occurs
□Lawfulness of the exemption clauses for medical practices and diagnostic-assistance services
□Whether liability insurance for damages is taken out, and management of risks in the insurance terms
10. Country-Specific Regulations When Providing Global Services
□Confirmation of whether overseas telemedicine is permitted and the scope of treatment and prescription permitted
□Whether licensing is required under each country's medical laws, personal information protection laws, and AI regulatory laws
□Review of the lawfulness of cross-border data transfer and the international sharing of medical information