Analysis of the Policy on the Misuse of Medical Record Data by Health Care Facilities

Introduction: This study examines the legal aspects of medical record data misuse by healthcare facilities in Indonesia, emphasizing its ethical, legal, and systemic implications. Medical records are crucial to prevent data privacy violations, unauthorized access, and commercial exploitation. Methodology: Using the normative juridical research method, this qualitative study analyzes the legal framework, including Law Number 17 of 2023 on Health, the Personal Data Protection Law, and other relevant legislation, complemented by scientific literature and case studies. The research findings reveal that medical record misuse often occurs through unauthorized access, false claims, data manipulation, and illegal data sharing with third parties, reflecting gaps in law enforcement and weak institutional governance. This study highlights the strong link between medical record misuse and healthcare fraud, demonstrating how systemic pressures and inadequate oversight encourage unethical practices. This study recommends strengthening regulatory integration, improving cybersecurity infrastructure, implementing stricter sanctions, and increasing ethical awareness among healthcare professionals. This research contributes to the health law discourse by offering actionable legal and policy recommendations while emphasizing the need for a cultural shift toward transparency and data management. Future studies should incorporate empirical fieldwork and explore advanced digital security innovations to address emerging challenges.