| Contents |
■ MOU for Self-regulation of Personal Information Protection
On November 26, 2014, the Ministry of the Interior entered into a Memorandum Of Understanding (MOU) with business associations in five areas that process large amount of personal information to promote self-regulation of personal information protection: National Federation of Banks, Insurance Association, Life Insurance Association, Korea Information and Communications Promotion Association, Korean Hospital Association. The MOU is intended to promote awareness of the necessity of personal information protection and address the unnecessary collection of personal information. All five of the business associations have actively implemented self-regulation since entering into the MOU. 11)
■ Personal Information Protection Level (PIPL)
The Personal Information Protection Level (PIPL) operated by the Ministry of the Interior and the National Information Society Agency is a system to evaluate personal information processing systems, implement protective measures, and issue certification to promote voluntary efforts of data controllers in the private and public sectors.
All data controllers in public institutions, private sector businesses, corporations and civil society organizations can apply for certification. There are four types of certification for public institutions, large business, medium to small-sized business and small business.
The PIPL, which has been in operation since November 2013, was embedded by the establishment of the Personal Information Protection Certification Committee to deliberate and evaluate matters for certification. As at December 2014, the PIPL received certification applications from 15 public and private institutions, and issued certifications to seven institutions. 12)
Eight training sessions for certification evaluation experts were also conducted to improve objectivity and expertise in certification evaluation, and to promote the system. A total of 397 certification evaluation experts were trained.
■ Personal Information Management System (PIMS)
In 2014, the Korean Communications Commission and Korea Internet & Security Agency operated the Personal Information Management System (PIMS) that included seven preliminary reviews and 20 post-reviews/renewal reviews. The Communications Commission and KISA also held two review training sessions for 97 persons, 67 of which qualified as a professional review after completing a test.
Also, the Communications Commission and KISA recommended PIMS to ITU-T SG17 (International Telecommunications Union Security Sector) and ISO/IEC JCT1 SC27 (International Organization for Standardization/International Electrotechnical Commission Joint Technical Commission study group) as the platform for the international standard.
|
