In the midst of projections that in 2025, South Korea's population aged 65 and over will account for over 20% of the total population, domestic medical expenses are also increasing at an unusually high rate. This surge in medical expenses necessitates government and organizational prediction and regulation of individuals' future medical costs. To address this, the government is identifying factors contributing to the increase in medical expenses and utilizing big data through the release of public data and various studies to forecast future medical demand. Consequently, the value of utilizing health and medical data is being highly recognized more than ever before. However, health and medical big data falls under sensitive information according to the Presidential Decree of the Personal Information Protection Act. Furthermore, due to the uniqueness of big data placement in relation to the fundamental principles of "minimal collection" and "purpose clarity" in personal information law, effective control is challenging due to concerns about privacy breaches. Therefore, to establish a balance between the activation of health and medical big data utilization and personal information protection, the following suggestions are proposed. Firstly, to promote the utilization of health and medical big data, an independent law should be established for the protection of health and medical data, through the establishment of a so-called "Medical Information Protection Committee" to maximize the protection of medical personal information. Additionally, for secure management and processing of unique identifying information and sensitive data, strict access regulations should be implemented. On the other hand, in cases where the data subject explicitly does not wish for the processing of their health and medical data, an opt-out system should be provided to grant the right to refuse post-data collection, leading to a more relaxed regulation concerning the linkage and utilization of health and medical data.