• Journal of Advanced Navigation Technology
• /
• v.26 no.4
• /
• pp.244-248
• /
• 2022

The various digital services that people are experiencing recently are bringing about changes in the daily lives, and these changes are due to the spread of the Fourth Industrial Revolution. The 4th Industrial Revolution is based on the development of ICT technology, and ICT technology inevitably generates issues such as the use and protection of personal information as well as the use of public data. Accordingly, countries around the world are making efforts to revitalize new industries by wisely solving conflicting issues between the use and protection of personal information through legislation. There are some differences in the protection and use of personal information in Korea, the United States, and the EU. Korea trys to make the legislation that prioritizes the use of data, and the United States establishes individual laws governing the protection of personal information by sector, while the EU has clarified the strengthening personal information protection. This paper aims to find out how personal information protection is defined in Korea, the United States, and the EU through enacted laws and organize the direction of the future policies.

• Informatization Policy
• /
• v.25 no.3
• /
• pp.29-51
• /
• 2018

As the core technology of the Fourth Industrial Revolution, the Internet of Things has been developed and has enabled various services, and personal information has been handled freely in the process. However, the infringement threat of personal information is increasing as more convenient services are provided and more information devices including smart devices are connected to the network. Therefore, this study is to analyze prioritizing personal information protection policy indicators in order to provide IoT services by constructing secure environment for implementing the Internet of things as the core technology of the 4th Industrial Revolution. This study reviewed personal information protection policy indicators based on the literature survey, and identified 3 fields, 9 areas, and 25 indicators through Delphi analysis for experts. The weights were calculated based on the AHP survey for 66 experts and the results were used to present the relative importance and priority of the policy indexes. The results of this study found the policy field was the most important, followed by the technical field, and the administrative field. Of the three areas of the policy field, strengthening the personal information protection laws related to IoT is the most important, while among the indicators, promoting and revising the personal information protection law related to IoT is the most important. Comparisons of the fields, areas, and indicators of IoT-related personal information protection policies found consistent values. The personal information protection policy indicators derived this way will contribute to the nation's competitiveness by expanding secure IoT policies in the future.

• The Journal of the Korea Contents Association
• /
• v.10 no.11
• /
• pp.262-274
• /
• 2010

In Welfare Center for the disabled, under the Government's information acceleration plan, the computer system has been developed starting from work standardization in 2001 but it has been emphasized only on the technical and customer convenience side leaving out preparation for the side effects of them. Therefore this article will seek the necessity of personal information protection, legal basis in the Welfare Center for the disabled. Additionally after analyzing current status for the personal security of Welfare Center for the disabled, establishing an alternative plan for personal security policy's way could be addressed. Increasing education for awareness stress of personal information security, and preparing institutional protection apparatus from applying life cycle of personal information would be an alternative plan for personal information protection for Welfare Center for the disabled. Also frequent monitoring of accessing personal information from the computerized system should be achieved. It is impossible to recover damage caused by leak of personal information although post actions are progressed. From this essay, awareness of personal information protection should be newly revised for both the Social Welfare Organization and the Disabled welfare center, and also technical, institutional strategy's action should be arranged.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1245-1255
• /
• 2015

As cloud computing services become popular, the concern on the data security of cloud services increases and the efforts for the data security become essential. In this paper, we describe the pros and cons of cloud computing including the definition of cloud. Then, we discuss the regulations about the protection of user data defined in cloud promotion act. Previous studies related to the privacy protection and the entrustment of personal information in cloud computing are reviewed. We examine how to store the personal information depending on the cloud service model. As a result, we argue that the entrustment of personal information should vary according to the cloud service model and we propose how to protect the personal information on IaaS and SaaS cloud service models.

• Journal of Korea Multimedia Society
• /
• v.18 no.1
• /
• pp.42-51
• /
• 2015

In this paper, we analyze the quality status of Health and Welfare division's standardized log and asses the characteristics of the institutions' logs analysis to establish the criteria to minimize hazards and control the quality of log's institutional details to limit extraction. As a result, extraction condition's proposed development direction to adequately assess and control health and welfare abuses privacy control target log. This improvement over the status and quality of information shared with relation to institutional work of the log quality characteristics is made possible. In addition, quality control and inspection standards were prepared in accordance with the institutional log characteristics. Future research will include performing continuous analysis and improvement activities on the quality of logs with integrated control of sharing personal information and distributing information about logs' quality to proactively target organ. Therefore, we expect that correcting proactive personal information misuse and leakage is possible to achieve.

• Journal of Digital Convergence
• /
• v.15 no.9
• /
• pp.1-14
• /
• 2017

As we enter the era of big data, the value of personal information is becoming ever more important. However, personal information protection laws in Korea have several issues. Furthermore, existing research are limited in their ability to facilitate a comprehensive understanding of measures to improve personal information protection laws. Accordingly, this study analyzes improvements to be made in the current personal information protection laws based on existing research. A total of 39 research articles discussing the problems of the personal information protection law were selected and analyzed by applying the meta - analysis technique. According to the results, the various issues such as the meaning and scope of personal information, the role and obligations of relevant parties, provision of personal information to third parties, and redundant and imbalanced regulations in special acts in each field. that exist in the current personal information protection laws were confirmed. This study contributes to the improvement of inconsistency between information protection laws and related special laws in each field in practice. Academically, it will contribute to understanding the problems of th law from the macro perspective and suggesting the integrated improvement ways of the law.

• Journal of the Korean Society for information Management
• /
• v.32 no.1
• /
• pp.85-108
• /
• 2015

Personal Information Protection Act was first enacted in March, 2011, amended in September, 2011 and became effective. Nevertheless, the risk of interfering with personal information protection still remains, associated with collection, plagiarism, leakage, and even sales of personal information. The public libraries are not an exception. Accordingly, this study investigates the status of personal information protection in public libraries of Seoul and Gyeonggi province. Also, it tries to discover problems associated with the act and presents a model scheme to improve this situation. The scheme relates to (1) securing of a sufficient budget; (2) reinforcing professional education related to personal information; (3) developing detailed guidelines for public libraries.

• The Korean Society of Law and Medicine
• /
• v.13 no.1
• /
• pp.359-395
• /
• 2012

In a broad term, health and medical data means all patient information that has been generated or circulated in government health and medical policies, such as medical research and public health, and all sorts of health and medical fields as well as patients' personal data, referred as medical data (filled out as medical record forms) by medical institutions. The kinds of health and medical data in medical records are prescribed by Articles on required medical data and the terms of recordkeeping in the Enforcement Decree of the Medical Service Act. As EMR, OCS, LIS, telemedicine and u-health emerges, sharing and protecting digital health and medical data is at issue in these days. At medical institutions, health and medical data, such as medical records, is classified as "sensitive information" and thus is protected strictly. However, due to the circulative property of information, health and medical data can be public as well as being private. The legal grounds of health and medical data as such are based on the right to informational self-determination, which is one of the fundamental rights derived from the Constitution. In there, patients' rights to refuse the collection of information, to control recordkeeping (to demand access, correction or deletion) and to control using and sharing of information are rooted. In any processing of health and medical data, such as generating, recording, storing, using or disposing, privacy can be violated in many ways, including the leakage, forgery, falsification or abuse of information. That is why laws, such as the Medical Service Act and the Personal Data Protection Law, and the Guideline for Protection of Personal Data at Medical Institutions (by the Ministry of Health and Welfare) provide for technical, physical, administrative and legal safeguards on those who handle personal data (health and medical information-processing personnel and medical institutions). The Personal Data Protection Law provides for the collection, use and sharing of personal data, and the regulation thereon, the disposal of information, the means of receiving consent, and the regulation of processing of personal data. On the contrary, health and medical data can be inspected or delivered of the copies, based on the principle of restriction on fundamental rights prescribed by the Constitution. For instance, Article 21(Access to Record) of the Medical Service Act, and the Personal Data Protection Law prescribe self-disclosure, the release of information by family members or by laws, the exchange of medical data due to patient transfer, the secondary use of medical data, such as medical research, and the release of information and the release of information required by the Personal Data Protection Law.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.2
• /
• pp.416-426
• /
• 2016

This study intended to identify dental hygienists' knowledge and extent of awareness and performance of patient's personal information protection. In addition, this research was conducted to contribute to medical centers' preparation of measures to strengthen the personal information protection by identifying the factors affecting dental hygienists' extent of performance related to the patient's personal information protection. After explaining the purpose and meaning of the research to the survey participants and gaining their consent, a self-administered survey was conducted from November 7, 2014 to June 30, 2015. The data on 210 dental hygienists in Busan city and Gyeongsangnam-do province was used for analysis. As a result, in dental hygienists with more than 10 years experience, the extent of the performance was significantly high (p<.05). In positions higher than a senior manager, the extent of knowledge was high (p<.01) and the extent of performance was significantly high (p<.05). In hospitals with more than 10 to 20 workers, the extent of awareness was significantly high (p<.05). Regarding the correlation of knowledge and the extent of awareness and performance, a high level of knowledge showed a positive correlation of the extent of awareness and performance (p<.01). As a result of a survey regarding what effects dental hygienists' knowledge and extent of awareness of patient's personal information protection have on dental hygienists' extent of performance, it was found that knowledge (.231) and the extent of awareness (.212) are factors affecting the extent of performance. Therefore, to increase the extent of dental hygienists' performance of patient's personal information protection, there is a need to improve the knowledge of patient's personal information protection and change its awareness. To change the awareness of patient's personal information protection, there is a serious need to carry out education targeting dental hygienists.

• Journal of Digital Convergence
• /
• v.19 no.12
• /
• pp.125-132
• /
• 2021

This study analyzed the multi-mediating effects of information security, personal information infringement, personal experience, and information security intention in the relationship between personal information protection and information security attitude. For this purpose, a survey was conducted on 221 students from G University. First, information security, personal information infringement, and information security awareness had a simple mediating effect. Second, information security, personal information infringement, personal experience, and information security consciousness had parallel multi- mediation effects. Third, personal information infringement and information security awareness had a simple mediating effect in the parallel multiple mediation state. Fourth, information security had a simple mediating effect, but it was found that there was no simple mediating effect in the parallel multiple mediation state. This study is meaningful in that it empirically compared the simple and multi-mediation effects.