(63) 資料主體應有權接近使用其所受蒐集之個人資料，並得容易地、 於合理之時間間隔行使接近使用權，以知悉並核實該處理之合法性。 此包括資料主體有權接近使用其健康資訊，例如包括診斷、檢驗結果、 醫師所為評鑑及任何治療或干擾措施提供之資訊。因此，各資料主體 應有權知悉及獲得溝通，尤其是個人資料受處理之目的、受處理之可 能期間、個人資料之接收者、任何自動處理個人資料所涉及之邏輯、 以及至少於建檔時之資料處理結果。若有可能，控管者應提供得遠端 使用之安全系統以提供資料主體對其個人資料有直接之接近使用權。 該權利不得對他人之權利或自由有不利之影響，包括營業秘密或智慧 財產權，尤其是保護軟體之著作權。但是，就此等面向之顧慮不得導 致拒絕提供所有資訊予資料主體之結果。當控管者處理有關資料主體 之大量資訊時，應得於資訊傳遞前請求資料主體特定與其請求相關之 資訊或處理活動。
(63) A data subject should have the right of access to personal data which have been collected concerning him or her, and to exercise that right easily and at reasonable intervals, in order to be aware of, and verify, the lawfulness of the processing.
This includes the right for data subjects to have access to data concerning their health, for example the data in their medical records containing information such as diagnoses, examination results, assessments by treating physicians and any treatment or interventions provided.
Every data subject should therefore have the right to know and obtain communication in particular with regard to the purposes for which the personal data are processed, where possible the period for which the personal data are processed, the recipients of the personal data, the logic involved in any automatic personal data processing and, at least when based on profiling, the consequences of such processing.
Where possible, the controller should be able to provide remote access to a secure system which would provide the data subject with direct access to his or her personal data.
That right should not adversely affect the rights or freedoms of others, including trade secrets or intellectual property and in particular the copyright protecting the software.
However, the result of those considerations should not be a refusal to provide all information to the data subject.
Where the controller processes a large quantity of information concerning the data subject, the controller should be able to request that, before the information is delivered, the data subject specify the information or processing activities to which the request relates.
The latest consolidated version of the Regulation with corrections by Corrigendum, OJ L 127, 23.5.2018, p. 2 ((EU) 2016/679). Source: EUR-lex.