Browse > Article
http://dx.doi.org/10.7472/jksii.2016.17.4.95

A Study on the Management Capabilities Enhancement of Consignor's Personal Information Protection  

Cheong, Hwan-Suk (Graduate School of Information Security, Chonnam National University)
Park, Euk-Nam (Graduate School of Information Security, Chonnam National University)
Lee, Sang-Joon (Graduate School of Business Administration, Chonnam National University)
Publication Information
Journal of Internet Computing and Services / v.17, no.4, 2016 , pp. 95-113 More about this Journal
Abstract
Personal information processing works, including resident registration number is common to be consigned by IT specialized company due to high level expertise and tremendous cost. The accident related to personal information is increasing and most of accidents are caused by the consignee's leaking information. According to the Inspection of personal information protection and the management level diagnosis of personal information protection, public Institutions need to build the consignee's accident prevention and personal information management system as soon as possible. In this paper, the efficient enhancement ways for the personal information protection is studied. We analyze the law of business consignment and select basic management items related with personal information protection, and propose a analysis scheme for management level of personal information protection and a enhancement scheme for management system of personal information protection. This paper suggests consignee's management system of personal information protection for the enhancement way and the three Strengthening ways in law. To compose the a enhancement scheme for management system of personal information protection, we conduct questionnaire survey to 30 consignees(IT maintenance, notice printing, call center, welfare center) related to typical tasks of public organizations, present reference for this scheme, and execute verification of this scheme by focus group interview of consignor and consignee.
Keywords
Personal Information; Personal Information Protection Act; Personal Information Protection Management System; Consignor;
Citations & Related Records
Times Cited By KSCI : 4  (Citation Analysis)
연도 인용수 순위
1 Joint Interagency, Personal Information Protection Normalization measures, 2014, p.8. http://www.pmo.go.kr/pmo/news/news01.jsp?mode=view&article_no=49241
2 Press Release by Ministry of Government Administration and Home Affairs, Privacy breaches greatly enhanced prevention activities, 2014. http://www.moi.go.kr/frt/bbs/type010/commonSelectBoardArticle.do?bbsId=BBSMSTR_000000000008&nttId=44682
3 Ministry of Future Creation and Science, KISA, 2013 Information Security Survey(Business Sector), 2013, p.137-139. http://isis.kisa.or.kr/board/?pageId=060200&bbsId=15&itemId=43&pageIndex=2
4 Joint Interagency, Personal Information Protection Normalization measures, 2014, p.3. http://www.pmo.go.kr/pmo/news/news01.jsp?mode=view&article_no=49241
5 Ministry of Government Administration and Home Affairs, 2015 Public Institution Personal Information Protection Management Level Diagnostic Result, 2015, pp.4. http://www.privacy.go.kr/nns/ntc/selectBoardArticle.do?nttId=5925&bbsId=BBSMSTR_000000000001
6 Y. J. Lee, A Study on the Improvement and supervisory Status for Personal Fiduciary Services in Financial Institutions, Journal of Security Engineering, Vol.11, No.3, 2014, pp.233-250. http://dx.doi.org/10.14257/jse.2014.06.02   DOI
7 T. H. Kang, Study on Measures to Strengthen Personal Information Protection Consignee Management System, Journal of the Korea Institute of Information Security and Cryptology, Vol.23, No.4, 2013, pp.781-797. http://dx.doi.org/10.13089/JKIISC.2013.23.4.781   DOI
8 Y. D. Go, A Proposal of Enhanced Personal Information Security Management Framework of Consigning of Personal Information, Journal of the Korea Institute of Information Security and Cryptology, Vol.25, No.2, 2015, pp.383-393. http://dx.doi.org/10.13089/JKIISC.2015.25.2.383   DOI
9 Ministry of Government Administration and Home Affairs, 2014 Public Institution Personal Information Protection Management Level Diagnostic Results, 2014, pp.2. http://www.privacy.go.kr/nns/ntc/selectBoardArticle.do?nttId=5925&bbsId=BBSMSTR_000000000001
10 http://sharedassessments.org/about/,Jan(2012)
11 KISA, A Reasearch on ISMS Maturity Level and Evaluation Methodology, Sep(2010), pp.18-26. http://www.kisa.or.kr/jsp/common/libraryDown.jsp?folder=017271
12 D. K. Choi, Study the role of information security personnel have on an organization's information security level, Journal of the Korea Institute of Information Security and Cryptology, Vol.25, No.1, 2015, pp.197-209. http://dx.doi.org/10.13089/JKIISC.2015.25.1.197   DOI
13 B. Y. Min, Study on Personal Information Management Plan for Consignment Work, A Master's Thesis ofr Graduate School of Information and Communication. Sungkyunkwan University 2014.
14 D. K. Jeong, Comparative study of the privacy information protection policy(Privacy information basic laws and dedicated organization), Journal of the Korea Institute of Information Security and Cryptology, Vol.22, No.4, 2012, pp.923-939.
15 R. Wacks, Personal Information : Privacy and the Law, Oxford:Clarendon Place. 1989.
16 ISO/IEC 27014, Information technology - Security techniques - Governance of information security.
17 BS 10012:2009, Data protection - Specification for a personal information management system, BSI, 2009.
18 JIS Q 15001:2006, Personal information protection management systems - Requirements. Japanese Standards Association Japan Institute for Promotion of Digital Economy and Community, 2006.
19 ISO/IEC 29100(2011), Information technology - Security techniques - Privacy framework.
20 ISO/IEC FDIS 27014, Information technology - Security techniques - Governance of information security.
21 H. Y. Youm, The International Standard Necessary of PIMS, Review of the Korea Institute of Information Security and Cryptology, Vol.23, No.4, 2013, pp.66-72.