• International Journal of Computer Science & Network Security
• /
• v.21 no.5
• /
• pp.113-120
• /
• 2021

The adoption of the General Data Protection Regulation (EU) 2016/679 transformed approaches and concepts to the implementation of the personal data protection mechanism in the European Union. Within the EU, almost all countries have adapted a new protection mechanism, which requires a study of the specifics of its use. The article intends to assess the legal provisions of the current mechanism of personal data protection in the EU. The author studied the mechanism of personal data protection under the General Data Protection Regulation (EU) 2016/679 (GDPR) based on the concept of contextual integrity and analysis of EU legislation on personal data protection. The scientific publications for 2016-2020 were reviewed for the formation of ideas of a new personal data protection mechanism in the EU, informative and transparent analysis of legal provisions. The article notes that the personal data privacy and protection is increasing, there is an ongoing unification of the legal status of personal data protection and the formation of a digital market for dissemination, exchange, control, and supervision of data. Cross-border cooperation is part of the personal data protection mechanism. The author proved that the GDPR has changed approach to personal data protection: the emphasis is now shifting to the formation of a digital market, where the EU's role in ensuring regulation is crucial. The article identifies the emergence of a new protectionist legal system and strengthening of legal provisions regarding privacy. This legal system needs unification and harmonization in accordance with national legislation, is territorially fragmented and differentiated within the EU.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.11
• /
• pp.185-191
• /
• 2018

The purpose of this study is to present effective basic data for business management through analysis of importance and performance of personal information protection of the elderly welfare center workers. For this purpose, the questionnaire on the protection of personal information was reconstructed based on the diagnostic level of the personal information security management level of the public institution and the questionnaire was conducted on 105 employees of the elderly welfare center in Chungbuk area. Based on the responses to the importance and the degree of performance of the personal information protection of the elderly welfare center employees, technical statistics and corresponding sample T-tests were conducted and the importance-performance analysis (IPA) was used. Followings are the results of this study: First, there is a statistically significant difference between the importance and the implementation of the management system for the protection of personal information of the workers in the elderly welfare center, establishment and implementation of protection measures, establishment and implementation of infringement measures. Second, IPA analysis on the protection of personal information of the workers in the elderly welfare center shows that the establishment and implementation of protection measures are the areas to maintain good performance. Third, in IPA analysis of the sub-factors of the personal information protection of the workers in the welfare center of the elderly, in the construction and management of the management system, in performing the role of the personal information protection officer and establishing and implementing protection measures, The factors of prevention of information disclosure and exposure and the safe use and management of personal information processing system were analyzed as areas requiring intensive improvement. This study is meaningful as a basic research that can raise the awareness of the personal information protection of the workers in the elderly welfare center and induce the improvement of the related work.

• Journal of Information Processing Systems
• /
• v.6 no.2
• /
• pp.185-196
• /
• 2010

This paper proposes a personal information protection model that allows a user to regulate his or her own personal information and privacy protection policies to receive services provided by a service provider without having to reveal personal information in a way that the user is opposed to. When the user needs to receive a service that requires personal information, the user will only reveal personal information that they find acceptable and for uses that they agree with. Users receive desired services from the service provider only when there is agreement between the user's and the service provider's security policies. Moreover, the proposed model utilizes a mobile agent that is transmitted from the user's personal space, providing the user with complete control over their privacy protection. In addition, the mobile agent is itself a self-destructing program that eliminates the possibility of personal information being leaked. The mobile agent described in this paper allows users to truly control access to their personal information.

• Journal of Information Technology Services
• /
• v.19 no.1
• /
• pp.37-53
• /
• 2020

Today, our society is exposed to cyber threats, such as the leakage of personal information, as various systems are connected and operated organically with the development of information and communication technology. With the impact of these cyber risks, we are experiencing damage from the virtual world to the physical world. As the number of cases of damage caused by cyber attacks has continued to rise, social voices have risen that the government needs to manage cyber risks. Thus, information and telecommunication service providers are now mandatory to have insurance against personal information protection due to amendment of "the Act on Promotion of Information and Communication Network Utilization and Information Protection". However, the insurance management system has not been properly prepared, with information and communication service providers selecting the service operators based on sales volume rather than selecting them based on the type and amount of personal information they store and manage. In order for the personal information protection liability insurance system to be used more effectively in line with the legislative purpose, effective countermeasures such as cooperation with the government and related organizations and provision of benefits for insured companies should be prepared. Thus, the author of this study discuss the current status of personal information protection liability insurance system and the issues raised in the operation of the system. Based on the results of this analysis, the authors propsoe tasks and plans to establish an effective personal information protection liability insurance system.

• Journal of Korean Clinical Nursing Research
• /
• v.29 no.3
• /
• pp.261-270
• /
• 2023

Purpose: This study aimed to identify the influence of knowledge of personal information protection law and nursing patient advocacy on practice of personal information protection among nurses. Methods: The subjects were 130 nurses who have worked for six months or more in the ward of the tertiary or general hospitals. Data were collected from February 20 to March 3, 2023. Results: Factors influencing practice of personal information protection were acting as an advocate (β=.32, p=.004), environmental and educational influences (β=.21, p=.040), knowledge of personal information protection law (β=.19, p=.013) and clinical experience for five years or more but less than ten years (β=.17, p=.036). The regression model showed an explanatory power of 34.0%. Conclusion: Acting as an advocate has the most effect on practice of personal information protection. To promote practice of personal information protection for nurses, it is necessary to provide education related to privacy protection and encourage nursing patient advocacy.

• Korean Security Journal
• /
• no.44
• /
• pp.199-223
• /
• 2015

The purpose of this study is to find the development of the personal protection business plan based on the problem that guards are now aware of personal protection service. In order to achieve the objectives of this study, we analyzed the data after expert survey and interview conducted by seven experts engaged in personal protection services more than 15 years. The guard who perform personal protection service proposed a development plan of personal protection services as follows. First, the current education system for new employees' training is required to improve the educational program of 40 hours in subjects related to personal protection duties by reorganization Second, the personal protection service training for guards also appropriate to switch to 8-hour training program for three months through an educational organization controlled by country. Third, the personal protection guards should be proceeding the practical programs required in the field and quality education in the different section by competent and professional instructors. Fourth, it should be revised Regulating that on the site of collective civil petition including in Events related to events across the board in the security services law. Fifth, there needs to be a change of recognition between police and private security firms, and to be set up the organization for supervision of management by police and private security firms jointly. Sixth, there needs to be organized a subcommittee which is consisting of experts in each task on Korea Security Association, and founded Korea Personal Protection Association for development associated with the personal protection service and to protect the rights of personal protection guards.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.3
• /
• pp.349-355
• /
• 2019

In the trend of continuously increasing collection and use of personal information, there are legal grounds for protecting personal information and various policies and systems are implemented, but there is insufficient analysis about education and its effect of personal information protection. In this study, we surveyed and analyzed the degree of awareness and actual perception level in the protection of personal information of college students, and investigated the satisfaction of personal information protection education. The results of the analysis showed that students' interest in privacy protection and concern about personal information exposure was very high, but the efforts to protect personal information and the perception level of rights and systems for protecting personal information was very low. In addition, the experience and satisfaction of education for personal information protection were found to be very low. Students felt that the necessity of education for personal information protection was strongly agreed and preferred regular and continuous education rather than one-time education.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.2
• /
• pp.587-608
• /
• 2022

The European Union recently established the General Data Protection Regulation (GDPR) for secure data use and personal information protection. Inspired by this, South Korea revised their Personal Information Protection Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection, and the Credit Information Use and Protection Act, collectively known as the "Three Data Bills," which prescribe safe personal information use based on pseudonymous data processing. Based on these bills, the personal data store (PDS) has received attention because it utilizes the MyData service, which actively manages and controls personal information based on the approval of individuals, and it practically ensures their rights to informational self-determination. Various types of PDS models have been developed by several countries (e.g., the US, Europe, and Japan) and global platform firms. The South Korean government has now initiated MyData service projects for personal information use in the financial field, focusing on personal credit information management. There is also a need to verify the efficacy of this service in diverse fields (e.g., medical). However, despite the increased attention, existing MyData models and frameworks do not satisfy security requirements of ensured traceability, transparency, and distributed authentication for personal information use. This study analyzes primary PDS models and compares them to an internationally standardized framework for personal information security with guidelines on MyData so that a proper PDS model can be proposed for South Korea.

• Journal of Internet Computing and Services
• /
• v.17 no.4
• /
• pp.95-113
• /
• 2016

Personal information processing works, including resident registration number is common to be consigned by IT specialized company due to high level expertise and tremendous cost. The accident related to personal information is increasing and most of accidents are caused by the consignee's leaking information. According to the Inspection of personal information protection and the management level diagnosis of personal information protection, public Institutions need to build the consignee's accident prevention and personal information management system as soon as possible. In this paper, the efficient enhancement ways for the personal information protection is studied. We analyze the law of business consignment and select basic management items related with personal information protection, and propose a analysis scheme for management level of personal information protection and a enhancement scheme for management system of personal information protection. This paper suggests consignee's management system of personal information protection for the enhancement way and the three Strengthening ways in law. To compose the a enhancement scheme for management system of personal information protection, we conduct questionnaire survey to 30 consignees(IT maintenance, notice printing, call center, welfare center) related to typical tasks of public organizations, present reference for this scheme, and execute verification of this scheme by focus group interview of consignor and consignee.

• Journal of Information Technology Applications and Management
• /
• v.16 no.4
• /
• pp.79-92
• /
• 2009

With the rising reliance on market estimation through customer analysis in customer-centered marketing, there is a rapid increase in the amount of personal data owned by corporations. There has been a corresponding rise in the customers' interest in personal information protection, and the problem of personal information leakage has risen as a serious issue. The purpose of this research is to develop a diagnosis model for personal information protection that is suited to our country's corporate environment, and on this basis, to present diagnostic instruments that can be applied to domestic corporations. This diagnosis model is a structural equation model that schematizes the degree of synthetic effect that administration factors and estimation items have on the protection of personal information owned by corporations. We develop the model- consisting of the administration factors for personal information protection and the measurement items of each factor- using the development method of standardized structural equation model. We then present a tool through which the administration factors and estimation items verified through this model can be used in the diagnosis for personal information protection in corporations. This diagnostic tool can be utilized as a useful instrument to prevent in advance the leakage of personal information in corporations.