• Journal of the Korea Safety Management & Science
• /
• v.12 no.4
• /
• pp.107-116
• /
• 2010

To give a solution to solve personal information problems issued in this study, the domestic and overseas cases about information security management system including an authentication technique are analyzed. To preserve the outflow of personal information, which is such a major issue all over the world, a new security audit check list is also proposed. We hope this study to help information system developers construct and operate confidential information systems through the three steps: Analysis of risk factors that expose personal information, Proposal to solve the problem, Verification of audit checking items.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.3 no.5
• /
• pp.548-574
• /
• 2009

Personal information (hereinafter referred to as "PI") infringement has recently emerged as a serious social problem in Korea. PI infringement in the public and private sector is common. There were 182,666 cases of PI in 2,624 public organizations during the last three years. Online infringement cases have increased. PI leakage causes moral and economic damage and is an impediment to public confidence in public organizations seeking to manage e-government and maintain open and aboveboard administration. Thus, it is an important matter. Most cases of PI leakage result from unsatisfactory management of security, errors in home page design and insufficient system protection management. Protection management, such as encryption or management of access logs should be reinforced urgently. However, it is difficult to comprehend the scope of practical technology management satisfied legislation and regulations. Substantial protective countermeasures, such as access control, certification, log management and encryption need to be established. It is hard to deal with the massive leakage of PI and its security management. Therefore, in this study, we analyzed the conditions for the technical protection measures during the processing phase of PI. In addition, we classified the standard control items of protective measures suited to public circumstances. Therefore, this study provides a standard and checklist by which staff in public organizations can protect PI via technical management activities appropriate to laws and ordinances. In addition, this can lead to more detailed and clearer instructions on how to carry out technical protection measures and to evaluate the current status.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.5
• /
• pp.197-203
• /
• 2011

Personal information protection need to be addressed in terms of enterprise-wide and business issues, not just an information processing issue. Therefore, governance of personal information protection, which stress the importance of top management's roles aud responsibilities for personal information protection, has been noticed as an important agenda to resolve. The paper defines the concept of personal information protection governance and proposes the severn critical success factors (CSFs) for implementing the governance scheme. The proposed CSFs are tested in terms of feasibility and materiality by using the focus group interviews.

• Journal of the Korea Safety Management & Science
• /
• v.16 no.3
• /
• pp.433-441
• /
• 2014

Increasing the outsourcing of personal information treatment, the safe management and director for fiduciary is very important. In this paper, under the personal information protection management systems the current situation of fiduciary management and direction was reviewed and the certification system was analysed in terms of availability of the controled items. Under the basis of legal compliance at the time of the Privacy Act, the characteristics of outsourcing type was also analyzed and derived new controled items. As a result of the proposed research, new controled items for fiduciary could be used as a standard for the managing Director.

• The Korean Journal of Health Service Management
• /
• v.14 no.1
• /
• pp.103-110
• /
• 2020

Objectives: In this paper, we propose the ethical education direction by analyzing the personal information recognition and practice of music therapists. Methods: For the analyses, we selected 60 music therapists who answered a questionnaire from members of K Music Therapy Association, and analyzed task recognition and practice ask performance using IPA method. Results: In the IPA table, the areas of high recognition and practice (1) are the areas of personal information protection information management. In the IPA table, the areas of low awareness and high practice (2) are areas of privacy communication for those who have completed ethics education. In the IPA table, the areas of low awareness and low practice (3) are areas of privacy communication when ethics education is not completed. In the IPA table, areas of high awareness and low levels of practice (4) are areas of privacy protection. Conclusions: Continuing education should be provided to improve the curriculum on the protection of personal information for music therapists, thereby raising the awareness and practice of privacy.

• Journal of Convergence Society for SMB
• /
• v.6 no.2
• /
• pp.25-30
• /
• 2016

Personal Information Protection Act does not apply to certain personal information processings and personal information management as well as the data subject's right to access to their personal information collected by public authorities pursuant to Statistics Act. Such exclusion may lead to problems such as misuse and mishandling of personal information by data controllers as well as infringement upon the data subejct's right to control over their personal information. This study is to find solutions to the above problems, considering the public interests of statistics and the facilitation of the collection and the use of statistics. Ultimately, the study is to suggest recommendations for the Personal Information Protection Act to ensure the data subject's rights to request access and rectification as well as safe management of the collected personal information.

• Journal of Korean Dental Hygiene Science
• /
• v.4 no.1
• /
• pp.89-98
• /
• 2021

Background: The purpose of the present study was to gather basic data necessary for developing an educational program regarding the protection of patients' personal information. Such a program would stress the importance of the protection of patients' personal information for dental hygiene students obtaining clinical practice. Methods: A self-reported questionnaire-based survey was conducted targeting dental hygiene undergraduates who were obtaining clinical practice in the capital region. A total of 543 questionnaires were included in the analysis. Results: The results of this study were as follows: 1) the average score for awareness of the Patient Privacy Act was 2.93 on a 4-point scale; 2) the average score for the recognition of the protection of patients' personal information was 3.22 on a 4-point scale; 3) the area-based perception of the protection of patient's personal information was 3.37 points for communication, which scored highest, followed-by the linked-work area at 3.27 points, the patient's information management at 3.22 points, and the direct dental hygiene work at 3.18 points; 4) with regard to awareness of the protection of patients' personal information according to general characteristics, the perception was higher in the advanced academic year (p < 0.01), in those who had education regarding the protection of patients' personal information at both the university and the clinical practice institution (p < .05), and in those with higher grades (p < 0.01). Conclusions: Based on the above findings, the development and application of an educational program to improve awareness of the protection of patients' personal information are considered to be necessary by both universities and clinical practice institutions.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.13 no.1
• /
• pp.159-171
• /
• 2017

The purpose of this study is to investigate the effects of e - commerce technology characteristics and personal values on purchasing behavior by information security importance. The results of the empirical study that examined the university students in 2006 and 2016 are as follows. First, personal value is centered on personal values, such as self - esteem and self - esteem in 2006. In 2016, however, personal values such as self - fulfillment and personal relationship with others are important. Transactional ease and product service serve as the main value of the fun and pleasure of life, but the sense of accomplishment as the core value of information protection. Second, the technical characteristics of e-commerce are as follows. In terms of ease of transaction and product service, technology characteristics are simplified and directly effected over time. On the other hand, information protection works very closely with individual value, There was a strong tendency to enjoy benefits. Especially in 2006, if you want to enjoy transactional convenience through transaction information security or benefit from product service, it has been changed to recognize the importance of information security through payment in 2016.

• Journal of the Korean Society for information Management
• /
• v.32 no.1
• /
• pp.85-108
• /
• 2015

Personal Information Protection Act was first enacted in March, 2011, amended in September, 2011 and became effective. Nevertheless, the risk of interfering with personal information protection still remains, associated with collection, plagiarism, leakage, and even sales of personal information. The public libraries are not an exception. Accordingly, this study investigates the status of personal information protection in public libraries of Seoul and Gyeonggi province. Also, it tries to discover problems associated with the act and presents a model scheme to improve this situation. The scheme relates to (1) securing of a sufficient budget; (2) reinforcing professional education related to personal information; (3) developing detailed guidelines for public libraries.

• Journal of Information Technology Services
• /
• v.13 no.2
• /
• pp.163-172
• /
• 2014

Personal information has been stolen continuously and it is also affected from development of the Internet. So the government requires that companies spend more effort for protecting customers' personal information. The OLAP server also should meet this requirement, but it is hard to satisfy for the authority management. The OLAP server must use personal information to extract required information from database. This thesis suggests a model of separating between general information and personal information, so this model can help to minimize the leakage of personal information. The model is implemented and tested as a prototype. This prototype can prove that the new model is better than the original one. This study presents that the authority management on the separation between personal information and general information helps protect the personal information of customers.