DOI QR코드

DOI QR Code

Research on Framework and Inspection Method to Strengthen Personal Information Protection of Trustees

수탁사 개인정보보호 강화를 위한 프레임워크 및 점검방법 연구

  • 박유림 (한국국방연구원 국방데이터분석센터) ;
  • 신용태 (숭실대학교 컴퓨터공학보)
  • Received : 2023.10.05
  • Accepted : 2023.10.27
  • Published : 2023.11.30

Abstract

This paper analyzes the Personal Information Protection Act and related legal guides revised in 2023, proposes a framework for a consignment contract through the items necessary in the consignment relationship for personal information work, and inspects the status of personal information protection for consignees that are absent in Korea. By proposing common items that must be included, we prevent the occurrence of personal information leakage incidents by strengthening the basic personal information protection capabilities of trustees handling personal information work and alleviating the burden of essential personal information protection inspections. I want to do it.

본 논문은 2023년 개정된 개인정보보호법 및 관련 법적 가이드 등을 분석하고, 개인정보 업무 위수탁 관계에서 필요한 항목을 통해 위수탁 계약에 대한 프레임워크를 제안하고, 국내에 부재한 수탁사 개인정보보호 현황 점검의 필수적으로 포함되어야 하는 공통항목을 제안함으로서, 개인정보 업무를 처리하는 수탁사의 기본적인 개인정보보호 역량의 강화와 필수적으로 수행하는 개인정보보호 점검에 대한 부담감을 완화하고 개인정보 유출 사고 발생 예방에 기여하고자 한다.

Keywords

References

  1. S. J. Jeon, "Outsourcing, provision or joint controlling the personal information," Journal of Korea Infomation Law, Vol.26, No.3, pp.193-235, 2022.
  2. D. H. Park, "Trendsof information security and privacy international standardization," Review of KIISC, Vol.23, No.4, pp.47-52, 2013.
  3. D. S. Im, "An empirical study between checking activity of management level of consignee's personal information protection and information security performance," Journal of Information Technology and Architecture, Vol.15, No.1, pp.31-42, 2018. https://doi.org/10.22865/JITA.2018.15.1.31
  4. Korea Internet & Security Agency [Internet], https://www.kisa.or.kr, Information Protection and Certification Standards Guide Personal Information Protection Management System (ISMS-P) Certification Standards Guide.
  5. Y. D. Ko, "A proposal of enhanced personal information security management framework of consigning of personal information," Journal of The Korea Institute of Information Security & Cryptology, Vol.25, No.2, pp.383- 393, 2015. https://doi.org/10.13089/JKIISC.2015.25.2.383
  6. S. T. Hyun, "A study on the enforced security of personal information outsourcing," Journal of Korea Safety Management & Science, Vol.16, No.3, pp.433-441, 2014. https://doi.org/10.12812/ksms.2014.16.3.433
  7. Ministry of Government Legislation [Internet], https://www.law.go.kr, Personal Information Protection Act.
  8. Personal Information Protection Commission [Internet], https://www.pipc.go.kr, Personal information processingentrustment guide.