• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.2
• /
• pp.416-426
• /
• 2016

This study intended to identify dental hygienists' knowledge and extent of awareness and performance of patient's personal information protection. In addition, this research was conducted to contribute to medical centers' preparation of measures to strengthen the personal information protection by identifying the factors affecting dental hygienists' extent of performance related to the patient's personal information protection. After explaining the purpose and meaning of the research to the survey participants and gaining their consent, a self-administered survey was conducted from November 7, 2014 to June 30, 2015. The data on 210 dental hygienists in Busan city and Gyeongsangnam-do province was used for analysis. As a result, in dental hygienists with more than 10 years experience, the extent of the performance was significantly high (p<.05). In positions higher than a senior manager, the extent of knowledge was high (p<.01) and the extent of performance was significantly high (p<.05). In hospitals with more than 10 to 20 workers, the extent of awareness was significantly high (p<.05). Regarding the correlation of knowledge and the extent of awareness and performance, a high level of knowledge showed a positive correlation of the extent of awareness and performance (p<.01). As a result of a survey regarding what effects dental hygienists' knowledge and extent of awareness of patient's personal information protection have on dental hygienists' extent of performance, it was found that knowledge (.231) and the extent of awareness (.212) are factors affecting the extent of performance. Therefore, to increase the extent of dental hygienists' performance of patient's personal information protection, there is a need to improve the knowledge of patient's personal information protection and change its awareness. To change the awareness of patient's personal information protection, there is a serious need to carry out education targeting dental hygienists.

• Journal of Information Technology Services
• /
• v.12 no.1
• /
• pp.131-141
• /
• 2013

Matters related to the right to be forgotten started the dispute Europe to introduce it first when Data Protection Directive established in 1995 proceeded revision. Relating to this, diverse disputes proceed on responding to personal information protection and internet laws in our nation. Especially as our National Assembly submitted the law regarding the promotion of information and communication network use and protection of information and amendment of copyright, it is necessary to look into the movement on introduction of law of right to be forgotten closely in detail. EU which attempted the institutionalization for the first time, relating to review of General Data Protection Regulation, proposed opinions such as the necessity to define subjects of personal information concretely and specifically and or protection target and balanced consideration on freedom of expression which is constitutional value. In the case of our nation, there was legislation attempt to introduce the regulation but it was limited in the form of fallen effectiveness without concrete and detailed review on internet law. To solve such problems, it is necessary to look into issues and matters to be considered required to accept right to be forgotten closely and discuss possibility of introducing right to be forgotten, conflicts between fundamental rights becoming issue, effect of goal achievement of personal information protection through the system introduction, and other rational acceptance method.

• Journal of Information Technology Applications and Management
• /
• v.25 no.2
• /
• pp.133-146
• /
• 2018

The technical definition of Blockchain is commonly known 'distributed ledger', however, there is no legal definition for being accepted in worldwide. Therefore, unless legal definitions and concepts of Blockchain are presented, there is a possibility that various legal disputes will occur in the future in Blockchain environment. The purpose of this study is to derive legal issues related to personal information protection that can be conflicted in Blockchain environment based on domestic Privacy Act and GDPR. The outcomes of this study can prevent various legal disputes and provide solutions that may occur due to the spread of Blockchain. It also suggests the foundation for the improvement of Privacy Act. Finally, it contributes to activate of Blockchain, industry, in Korea.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.6
• /
• pp.197-208
• /
• 2014

In an information society, privacy protection is one of the most important ethical issues. In medical institutes in which personal medical information is collected and stored, in addition, a privacy breach can cause a serious damage on personal lives. This study attempted to develop privacy concern measurement tool in personal medical information to measure patients' concern on their medical information from medical service consumers' perspective and verify its validity. For this, privacy concern measurement tool in personal medical information was developed based on the results of previous studies. After performing Exploratory Factor Analysis(EFA) and Confirmatory Factor Analysis(CFA) on the measurement tool, its reliability and validity were verified. It appears that the measurement tool would be useful in developing decent privacy protection policy after investigating citizens' concern on the protection of personal medical information and domains they are interested in. For medical institutes as well, they would be helpful in coming up with a reasonable plan after figuring out problems in the protection of personal medical information and current status.

• International Commerce and Information Review
• /
• v.1 no.2
• /
• pp.249-271
• /
• 1999

This article deals with concept and theory of privacy and personal data on the basis of understanding of this matter, Especially concerns the infringement and protection of privacy and personal data that is violated by new media and electronic commercial transaction through case study and research of literature. The article seek to find out the resolution of legal problems on the protection of privacy and personal data. The resolution is in other words, that privacy and personal data protection law shall be established as a part of efforts to protect personal data and to activate electronic commercial transactions.

• Informatization Policy
• /
• v.21 no.4
• /
• pp.20-39
• /
• 2014

The age of big data has not only opened new opportunities for economic growth in various industries, but it has also created new problems related to personal information protection and privacy invasion. Given this situation, Korea's communications commission has proposed a big data guideline that specifies how companies should collect and utilize personal information in the big data environment. However, this guideline is more focused on industrial development than personal information protection, and it contains many features that conflict with personal information protection law as it currently exists. As a result, civic groups strongly oppose the guideline, as it may create serious privacy issues for subjects of information gathering. Thus, this paper analyses the limitations of the guideline by comparing it with domestic and foreign laws about personal information protection and privacy. We also discuss the direction of legalization and institutionalization with respect to the secure use of big data.

• Journal of Convergence for Information Technology
• /
• v.10 no.7
• /
• pp.20-32
• /
• 2020

This study is to develop and provide a personal information protection framework that enables IoT service providers to safely and systematically operate personal information of IoT service subjects in the overall process of providing IoT devices and services. To this end, a framework for personal information framework was derived through literature survey, and FGI with experts, it was divided into three stages, each of three stages: IoT service provision process and IoT personal information processing process. The study conducted an e-mail survey of related experts using AHP techniques to determine the importance of the components of the selected personal information protection framework. As a result, in the IoT service provision process, the IoT product and service design and development stage (0.5413) is the most important, and in the IoT personal information processing process, personal information protection in the collection and retention of personal information (0.5098) is the most important. Therefore, based on this research, as the IoT service is spreading, it is expected that a safe personal information protection framework will be realized by preventing security threats and personal information infringement accidents.

• Journal of Information Technology Services
• /
• v.22 no.6
• /
• pp.1-15
• /
• 2023

This study compares and analyzes the legal systems of Korea, the European Union, China, and the United States based on the disclosure principles and processing policies for personal data processing and provides references for seeking improvements in our legal system. Furthermore, this research aims to suggest institutional implications to overcome data transfer limitations in the upcoming digital economy. Findings on a comparative analysis of the relevant legal systems for disclosing privacy policies in four countries showed that Korea's privacy policy is under the eight principles of privacy proposed by the OECD. However, there are limitations in the current situation where personal information is increasingly transferred overseas due to direct international trade e-commerce. On the other hand, the European Union enacted the General Data Protection Regulation (GDPR) in 2016 and emphasized the transfer of personal information under the Privacy Policy. China also showed differences in the inclusion of required items in its privacy policy based on its values and principles regarding transferring personal information and handling sensitive information. The U.S. CPRA amended §1798.135 of the CCPA to add a section on the processing of sensitive information, requiring companies to disclose how they limit the use of sensitive information and limit the use of such data, thereby strengthening the protection of data providers' rights to sensitive information. Thus, we should review our privacy policies to specify detailed standards for the privacy policy items required by data providers in the era of digital economy and digital commerce. In addition, privacy-related organizations and stakeholders should analyze the legal systems and items related to the principles of personal data disclosure and privacy policies in major countries so that personal data providers can be more conveniently and accurately informed about processing their personal information.

• Journal of IKEEE
• /
• v.27 no.4
• /
• pp.548-555
• /
• 2023

With the advancement of the internet, the use of personal information in online interactions has increased, underscoring the significance of data protection. Breaches of personal data due to unauthorized access can result in psychological and financial damage to individuals, and may even enable wide-ranging societal attacks aimed at those associated with the victims. In response to such threats, there is active research into security measures using blockchain to safeguard personal information. This study proposes a system that uses middleware and IAM (Identity and Access Management) services to protect personal information in a BaaS (Blockchain as a Service) environment where blockchain is provided via the Internet. The middleware operates on servers where IAM roles and policies are applied, authenticates users, and performs access control to allow only legitimate users to access blockchain data existing in the cloud. Additionally, to understand the impact of the proposed personal information protection method on the system, we measure the response time according to the time taken and the number of users under three assumed scenarios, and compare the proposed method and research related to personal information protection using blockchain in terms of security characteristics such as idea, type of blockchain, authentication, and confidentiality.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.383-393
• /
• 2015

Recently, the number of companies consigning their personal information management work has been increasing; they consign the work for various reasons and purposes, for example, in order to reduce costs related to personal information managers, improve efficiency through professional performance and to improve service quality. As such, since the cases where an consigning agency - not the personal information manager - handles personal information are increasing due to the increase of consigning of the personal information management work, we need to concerned with and pay attention to how much such agency makes efforts for personal information protection. In this regard, this study suggests a plan for efficient management of the agency during the course of consigning work as well as a list of requirements for personal information protection to be considered in each phase of the following; establishment of personal information protection framework for all consigning work processes, selection of consigning agency, execution of consigning contract, operation and management of consigning work, and termination of contract.