• Title/Summary/Keyword: Privacy Laws

Search Result 92, Processing Time 0.026 seconds

Analysis of Personal Information Data Flow Structure based on Network Theory (네트워크 이론을 적용한 개인정보 유통구조 분석)

  • Lee, Jae-Geun;Kim, Hyun Jin;YOUM, Heung Youl;Kang, Sang-ug
    • Informatization Policy
    • /
    • v.21 no.1
    • /
    • pp.17-34
    • /
    • 2014
  • The study on the structure of personal information flows is very important because government can measure and respond the risks caused by companies which collect personal information from other personal data users to operate their business. Recently, as the value of personal information is increasing, number of companies which intend to process a large scale of personal information is increasing too. Accordingly, the issue on the structure of personal data flow has become important for the leading personal information processors which receive far more personal information from others to comply the personal information protection laws. However, research on this issue has rarely performed so far. Therefore, this study proposes a framework for personal information data flow structure based on network theory. Theoretically, the results of the study may contribute to extending the application areas of the network theory to personal information area. Practically, the study may contribute to assisting regulatory authorities to find and monitor personal information processors.

The Medical Information Protection and major Issues (의료정보 유출의 문제점과 의료정보보호)

  • Jeun, Young-Ju
    • Journal of the Korea Society of Computer and Information
    • /
    • v.17 no.12
    • /
    • pp.251-258
    • /
    • 2012
  • The protection of medical information by major Issues on medical information to protect the individuals' privacy on medical information. Especially, Issues of medical service information, medical record, insurance, employment, Genetic technology including genetic test and screening, gene therapy and genetic enhancement is developing rapidly. Defensibility of medical information documentation is tested in the courts. medical information can be illicitly accessed from anywhere and transmitted across the quickly and with risk of detection. Once data is distributed on the internet, it may become available to anyone who wishes to purchase it, and it cannot be expunge. Patient privacy protection of medical information is controlled mostly by patient consent laws that define how and when a patient must consent before a physician may disclose the patient's medical information to anyone else. enterprise that offers consumers commodities or services is checking problem about customer information of management system is checking problem about customer information of management system essentially. Therefore, in this paper will find a way out to Protection of medical information by major Issues on medical information.

A Study on Application Methods of Drone Technology (드론기술 적용 방안 연구)

  • Kim, Hee-Wan
    • The Journal of Korea Institute of Information, Electronics, and Communication Technology
    • /
    • v.10 no.6
    • /
    • pp.601-608
    • /
    • 2017
  • In the fourth industrial revolution, drones are an important element to lead the industry by converging with information technology. Drones are developing various technologies by combining with communication / navigation / traffic management technology, control and detection / avoidance technology, sensor technology, SW and application technology. However, there are various problems in order to settle the drone technology. In this paper, it will be examined the problems of application of drones through application fields of drones, domestic and foreign cases, and core technologies of drones. The growth of the drone market requires improvement of laws and institutions. This paper proposed security vulnerability, privacy and safety problem in wireless communication, and present technical and management problems for drone service in the Korean environment in particular.

An Analysis on Intention to Use Information Service for Personal Information Breach (개인정보 침해 관련 정보 제공 서비스 사용 의도 분석)

  • Kim, Taek-Young;Jun, Hyo-Jung;Kim, Tae-Sung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.1
    • /
    • pp.199-213
    • /
    • 2018
  • Since 2008, large-scale personal information breach incidents have occurred frequently. Even though national education, policy, and laws have been enacted and implemented to resolve the issue, personal information breaches still occur. Currently, individuals cannot confirm detailed information about what personal information has been affected, and they cannot respond to the breaches. Therefore, it is desirable to develop various methods for preventing and responding to personal information infringement caused by breach and leakage incidents and move to privacy protection behaviors. The purpose of this study is to create understanding of personal information security and information breach, to present services that can prevent breaches of personal information, to investigate the necessity of and analyze the potential public demand for such services, and to provide direction for future privacy-related information services.

Legal Issues To Be Considered Before Implementing Telehealth in South Korea (원격진료 실시에 수반되는 법적 쟁점들에 대한 고찰)

  • Lee, Won Bok
    • The Korean Society of Law and Medicine
    • /
    • v.22 no.1
    • /
    • pp.57-90
    • /
    • 2021
  • Telehealth has been a hotly debated health policy issue in South Korea, mostly because the medical community - especially primary care practitioners - have strongly opposed it. As a result, telehealth has remained forbidden under law. However, the temporary permission of telehealth in Korea, as well as its exploding use in other countries, all in response to COVID-19, is re-igniting the discussion on telehealth in Korea. This article explores general legal issues that may arise if and when telehealth is fully implemented in Korea. The article's analysis shows that legislative changes are necessary to allow reimbursement of telehealth as well as remote purchase of medicine. The article also advocates introducing new evidentiary rules to curtail covert recording of telehealth sessions. On the other hand, additional legislation is probably not necessary to address the medical liability of physicians practicing telehealth or to adress much-discussed privacy issues. The existing laws in those domains are already robust enough to operate without much difficulty in the context of telehealth too.

A Framework and Guidelines for Personal Data Breach Notification Act (개인정보 유출 시 통지.신고 프레임워크 및 가이드라인)

  • Lee, Chung-Hun;Ko, Yu-Mi;Kim, Beom-Soo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.21 no.5
    • /
    • pp.169-179
    • /
    • 2011
  • Recent personal data breach incidences draw the public's attention to their privacy and personal rights. The new personal data protection law effective in September 2009 imposes additional legal responsibility on personal data controllers and processors. For instance, if a data breach occurs, this new law requires that the processors must notify individuals (data subjects) and data protection authorities of the nature of incidents. This research reviews the U.S. forty six state laws and related acts, and offers a framework for managing incidents. This framework includes five major components: (1) type of personal data required to be reported and notified, (2) the ultimate subject notifying data subjects, (3) event occurrence and notification time phases, (4) notification message details, and (5) direct/indirect communication media. Along with this framework, we also offer directions for effective/manageable guidelines on data breach notification act.

A Study on Personal Information Protection amid the COVID-19 Pandemic

  • Kim, Min Woo;Kim, Il Hwan;Kim, Jaehyoun;Ha, Oh Jeong;Chang, Jinsook;Park, Sangdon
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.16 no.12
    • /
    • pp.4062-4080
    • /
    • 2022
  • COVID-19, a highly infectious disease, has affected the globe tremendously since its outbreak during late 2019 in Wuhan, China. In order to respond to the pandemic, governments around the world introduced a variety of public health measures including contact-tracing, a method to identify individuals who may have come into contact with a confirmed COVID-19 patient, which usually leads to quarantine of certain individuals. Like many other governments, the South Korean health authorities adopted public health measures using latest data technologies. Key data technology-based quarantine measures include:(1) Electronic Entry Log; (2) Self-check App; and (3) COVID-19 Wristband, and heavily relied on individual's personal information for contact-tracing and self-isolation. In fact, during the early stages of the pandemic, South Korea's strategy proved to be highly effective in containing the spread of coronavirus while other countries suffered significantly from the surge of COVID-19 patients. However, while the South Korean COVID-19 policy was hailed as a success, it must be noted that the government achieved this by collecting and processing a wide range of personal information. In collecting and processing personal information, the data minimum principle - one of the widely recognized common data principles between different data protection laws - should be applied. Public health measures have no exceptions, and it is even more crucial when government activities are involved. In this study, we provide an analysis of how the governments around the world reacted to the COVID-19 pandemic and evaluate whether the South Korean government's digital quarantine measures ensured the protection of its citizen's right to privacy.

A Trusted Sharing Model for Patient Records based on Permissioned Blockchain

  • Kim, Kyoung-jin;Hong, Seng-phil
    • Journal of Internet Computing and Services
    • /
    • v.18 no.6
    • /
    • pp.75-84
    • /
    • 2017
  • As there has been growing interests in PHR-based personalized health management project, various institutions recently explore safe methods of recording personal medical and health information. In particular, innovative medical solution can be realized when medical researchers and medical service institutes can generally get access to patient data. As EMR data is extremely sensitive, there has been no progress in clinical information exchange. Moreover, patients cannot get access to their own health data and exchange it with researchers or service institutions. It can be operated in terms of technology, yet policy environment are affected by state laws as well as Privacy and Security Policy. Blockchain technology-independent, in transaction, and under test-is introduced in the medical industry in order to settle these problems. In other words, medical organizations can grant preliminary approval on patient information exchange by using the safely encrypted and distributed Blockchain ledger and can be managed independently and completely by individuals. More apparently, medical researchers can gain access to information, thereby contributing to the scientific advance in rare diseases or minor groups in the world. In this paper, we focused on how to manage personal medical information and its protective use and proposes medical treatment exchange system for patients based on a permissioned Blockchain network for the safe PHR operation. Trusted Model for Sharing Medical Data (TMSMD), that is proposed model, is based on exchanging information as patients rely on hospitals as well as among hospitals. And introduce medical treatment exchange system for patients based on a permissioned Blockchain network. This system is a model that encrypts and records patients' medical information by using this permissioned Blockchain and further enhances the security due to its restricted counterfeit. This provides service to share medical information uploaded on the permissioned Blockchain to approved users through role-based access control. In addition, this paper presents methods with smart contracts if medical institutions request patient information complying with domestic laws by using the distributed Blockchain ledger and eventually granting preliminary approval for sharing information. This service will provide an independent information transaction and the Blockchain technology under test will be adopted in the medical industry.

Self-Sovereign Identity (SSI): Structured Literature Reviews with Socio-Technical Perspective (Self-Sovereign Identity (SSI: 자기주권신원) 연구 동향 분석: 사회경제, 법률, 기술적 고찰을 중심으로)

  • Son, Young Jin;Park, Min Jung;Park, Jung Suk;Hwang, Hwa Jung;Chai, Sang Mi
    • The Journal of Information Systems
    • /
    • v.30 no.4
    • /
    • pp.119-152
    • /
    • 2021
  • The concept of Self-Sovereign Identity (SSI) has emerged to overcome the limitations of traditional centralized personal identity management systems in our society. Therefore, in this study, 36 seminal researches out of 112 collected studies were investigated with a systematic literature review method to deliver a core common definition as well as the research trends on SSI in the socioeconomic, legal and technological fields. SSI studies in the legal field have mainly considered the conflicts with relevant laws such as General Data Protection Regulation (GDPR) and privacy protection laws. The study of SSI in the technology field have looked at the trends of the technical components to implement SSI and discussed the necessities of establishing standards to increase interoperability for SSI diffusion worldwide. This study ultimately derived the core definition of SSI from a various academic fields as "a trust-based personal identity management system that enables autonomous self-identification by a identity owner without a centralized system or 3rd party intervention". The results of this study contribute to the understanding of the essential SSI concept which were varied on different research fields and industries. The results also provide a foundation for discovering various SSI-based business models, applications as well as future research opportunities. Furthermore, this study suggested that SSI must be developed with interdisciplinary manner among the socioeconomic, legal, and technological fields to be practically applicable system to enable autonomous self-identification by a identity owner in our society.

Analysis the Types of Consumer Damages Incurred by Using a Digital Contents (디지털콘텐츠 소비자 피해유형 분석)

  • Nam, Su-Jung;Lee, Eun-Hee;Park, Sang-Mi
    • Korean Journal of Human Ecology
    • /
    • v.16 no.6
    • /
    • pp.1197-1209
    • /
    • 2007
  • The advance of digital contents industry shifts the focus of consumptions; from analogue to digital ones. It gives significant impact on individual life as well as overall society and culture, and it leads to the increased consumption of digital contents. Nevertheless, current digital contents industry fails to secure the sufficient consumer protection systems including relevant rules and laws which regulate the distribution, use, and other transaction activities of digital contents and the efforts, on the part of contents providers, to provide information to consumers and to protect them. Digital contents, by its nature, is different from the existing products so that its nature is likely to cause unique consumer problems totally different from the offline transactions and the electrical transactions of existing products. This study, therefore, aims to identify the possible problems which may be incurred by consumers in their use of digital contents, specify the types of consumer damages, and provide the underlying materials to improve the systems related to digital contents and take legally complementary measures for consumer protection. To identify the types of consumer damages, this study analyzed the results from consumer counselling cases, experts opinion survey, and FGI. For consumer damage cases, this study analyzed the consumer complaints received by open consumer counselling sites of the Korea Consumer Agency and Seoul Electronic Commerce Center. For experts opinion survey, it conducted questionnaire survey of the group of experts from digital contents manufacturers or providers, and those who treated consumer damages directly. For FGI analysis, it organized a panel of students and employees who had used digital contents to understand the types of consumer damages. The results of this study can be summed up as follows. Based on the results from consumer counselling cases, experts opinion survey, and FGI analysis, the consumer damages related to digital contents can be classified, in their nature, into economic or financial damages (25 cases), emotional or psychological ones (15 cases), time-related ones (7 cases), physical ones (4 cases), and privacy-related ones (i.e. leakage of personal data)(3 cases). More specifying the types of damages, damages can be subdivided into contract-, charge-, maintenance-, use-, individual-related ones and other ones. Among them, both contract- and charge-related damages appeared only in the economic or financial damages, whereas user-specific individual damages appeared only in physical and emotional or psychological ones. On the other hand, maintenance- and use-related damages and other ones were observed in both categories of economical or financial damages and time-related ones. Use- and privacy-related damages, in particular, caused emotional or psychological damages.