Analisis Yuridis Upaya Pencegahan dan Risiko Hukum terhadap Kebocoran Data Rekam Medis Elektronik Pasien di RSUD Serpong Utara

Alya Puspita Juliasari; Idris Wasahua

doi:10.55681/sentri.v5i2.5603

Authors

Alya Puspita Juliasari Universitas Esa Unggul
Idris Wasahua Universitas Esa Unggul

DOI:

https://doi.org/10.55681/sentri.v5i2.5603

Keywords:

Data Protection, EMR, Legal Compliance, Patient Data Leakage Risk

Abstract

The advancement of digitalization in healthcare services requires hospitals to implement Electronic Medical Records (EMRs) supported by secure, accurate, and integrated data management. This study aims to analyze the compliance of data breach prevention measures for patient EMRs at RSUD Serpong Utara with national legal provisions and to assess the potential legal risks arising from data breaches. The research employs a normative–empirical juridical approach, with data collected through in-depth interviews with the Medical Records Coordinator, EMR implementing officers, Head of the IT Team, Public Relations officers, and the Chair of the Quality Committee, as well as analysis of internal documents and relevant laws and regulations. The findings indicate that RSUD Serpong Utara has implemented access control mechanisms, individual user accounts, hierarchical supervision, and data storage on external servers to prevent data breaches. However, EMR implementation remains hybrid in several units, the CPPT audit trail has not been effectively implemented, and there is no appointed Data Protection Officer or internal legal unit. The enactment of Law No. 27 of 2022 on Personal Data Protection (UU PDP) establishes a more stringent regulatory standard compared to previous regulations, demanding comprehensive compliance from healthcare institutions in protecting patient data. The potential legal risks include administrative sanctions, civil liability claims, and criminal liability. Based on normative juridical analysis of the applicable laws and regulations and empirical findings regarding EMR management practices at RSUD Serpong Utara, this study concludes that strengthening EMR governance through the completion of digital transition, the appointment of a Data Protection Officer, the establishment of an internal legal unit, and the effective implementation of incident audits and audit trails is necessary to enhance legal compliance and reduce the risk of patient data breaches.

Downloads

Download data is not yet available.

References

Agustina Tifanny. (2025). Era Baru Kesehatan: Digitalisasi dan Integrasi Data Untuk Pelayanan Optimal (Rerung R (ed.)). CV. Media Sains Indonesia. https://kbk1773719.perpustakaandigital.com/detail/era-baru-kesehatan-digitalisasi-dan-integrasi-data-untuk-pelayanan-optimal

Akbar, H., & Wicaksana, P. B. (2025). Perlindungan Hukum Terhadap Kebocoran Data Pribadi Akibat Tindak Pidana Siber : Perspektif Undang-Undang Nomor 27 Tahun 2022. 18(02), 239–248.

Ariani, S., Yuliani, R. D., & Sidoarjo, U. M. (2025). Tantangan dalam Integrasi Data Kesehatan dari Berbagai Sistem Electronic Health Record dalam Sistem Kesehatan Nasional Universitas Muhammadiyah Sidoarjo , Indonesia Rekam Medis Elektronik ( Electronic Health Records / EHR ) telah menjadi.

Budiman, A., Isa, M., & Soekiswati, S. (2025). Analisis Risiko Dan Tindakan Pencegahan Kebocoran Data Rekam Medis Elektronik Pasien Di RS P Surakarta (Vol. 7, Issue 3).

Fadila Aprilia & Pranoto Edi. (2023). ANALISIS HUKUM TERHADAP PELAKSANAAN PERLINDUNGAN DATA PRIBADI PASIEN DALAM SISTEM REKAM MEDIS ELEKTRONIK.

Gede, I., Agung, E., & Punia, A. (2024). Aspek Hukum Dan Pertanggungjawaban Keamanan Data Rekam Medis Elektronik Di Indonesia. Jurnal Kesehatan Mahasaraswati, 1, 1–4.

Hadiyantina Shinta et.al. (2023). PERLINDUNGAN DATA PRIBADI DALAM BIDANG REKAM MEDIS. UB MEDIA PRESS. https://books.google.co.id/books?hl=en&id=C1LyEAAAQBAJ&lr=&oi=fnd&ots=y3TZMp8yLU&pg=PR4&redir_esc=y&sig=z5USCf1-_rz05QzoBFSNviWKhxE&utm

Izza, A. Al, & Lailiyah, S. (2024). Kajian Literatur: Gambaran Implementasi Rekam Medis Elektronik di Rumah Sakit Indonesia berdasarkan Permenkes Nomor 24 Tahun 2022 tentang Rekam Medis. Media Gizi Kesmas, 13(1), 549–562. https://doi.org/10.20473/mgk.v13i1.2024.549-562

Juliansyah, R. (2025). Implementation of EMR System in Indonesian Health Facilities : Benefits and Constraints – A Case Study of Two Clinics in Central Java Implementation of EMR System in Indonesian Health Facilities : Benefits and. 10(1). https://doi.org/10.7454/ihpa.v10i1.1140

Kurniawan, A. L., & Setiawan, A. (2021). BENTUK PERLINDUNGAN DATA PRIBADI PASIEN SELAMA PANDEMI COVID-19. 9, 95–112.

Kusumastuti Adhi, M. A. (2019). METODE PENELITIAN KUALITATIF (Annisya Fitratun (ed.)). LEMBAGA PENDIDIKAN SUKARNO PRESSINDO. https://lib.unnes.ac.id/40372/1/Metode Penelitian Kualitatif.pdf

Mandey, A. W. (2025). Legal Analysis of Patient Privacy Violation in Electronic Medical Records and its Implications for Health Data Protection in Indonesia. 5(02), 589–594. https://doi.org/10.58471/jms.v5i02

Nadiroh, A., & Wiraguna, S. A. (2025). Analisis Yuridis Kebocoran Data di Layanan Kesehatan Digital : Studi Kasus Aplikasi Telemedicine di Indonesia. 2(6), 313–320.

Neng Sari Rubiyanti. (2023). Penerapan Rekam Medis Elektronik di Rumah Sakit di Indonesia: Kajian Yuridis. ALADALAH: Jurnal Politik, Sosial, Hukum Dan Humaniora, 1(1), 179–187. https://doi.org/10.59246/aladalah.v1i1.163

Peraturan Menteri Kesehatan Nomor 24 Tahun 2022 Tentang Rekam Medis, 1 (2022).

Peraturan Pemerintah (PP) Nomor 71 Tahun 2019 Tentang Penyelenggaraan Sistem Dan Transaksi Elektronik (2016).

Purnomo, A., & Mashuri, M. (2025). DATA REKAM MEDIS PASIEN. 9.

Rizza Ayda. (2022). PERLINDUNGAN HUKUM TERHADAP DATA REKAM MEDIS PASIEN COVID-19 DI RUMAH SAKIT.

Siregar, R. A. (2024). Penerapan Permenkes Nomor 24 Tahun 2022 Tentang Rekam Medis Terhadap Efektivitas Pelayanan Kesehatan. Jurnal Ilmu Hukum Kyadiren, 5(2), 1–12. https://doi.org/10.46924/jihk.v5i2.182

Tatang Guritno, K. (2022). Kemkominfo Telusuri Dugaan Kebocoran Data Pasien Milik Kemenkes Artikel ini telah tayang di Kompas.com dengan judul “Kemkominfo Telusuri Dugaan Kebocoran Data Pasien Milik Kemenkes”, Klik untuk baca: https://nasional.kompas.com/read/2022/01/06/22555491/ke. Kompas.Com. https://nasional.kompas.com/read/2022/01/06/22555491/kemkominfo-telusuri-dugaan-kebocoran-data-pasien-milik-kemenkes?

Tovino A. (2022). Health Privacy, Security, and Information Management. In in Laws of Medicine: Core Legal Aspects for the Healthcare Professional. Springer. https://doi.org/https://doi.org/10.1007/978-3-031-08162-0

Ulfa Nadiya & Yuspin Wardah. (2022). Legality of Electronic Medical Records ( RME ) in Hospital Management Information System Readiness based on Minister of Health Regulation Number 24 of 2022 concerning Medical Records. 24, 72–78.

Undang-Undang (UU) Nomor 17 Tahun 2023 Tentang Kesehatan (2023). https://peraturan.bpk.go.id/details/258028/uu-no-17-tahun-2023

Undang-Undang (UU) Nomor 27 Tahun 2022 Tentang Pelindungan Data Pribadi (2022). https://peraturan.bpk.go.id/Details/229798/uu-no-27-tahun-2022

Undang-Undang Nomor 19 Tahun 2016 Tentang Perubahan Atas Undang-Undang Nomor 11 Tahun 2008 Tentang Informasi Dan Transaksi Elektronik, 44 Journal of Physics A: Mathematical and Theoretical 287 (2011). https://peraturan.bpk.go.id/Details/37582/uu-no-19-tahun-2016

Wijayanta Setya. (2024). ELECTRONIC HEALTH RECORDS. CV Media Sains Indonesia.