個人資料保護與資訊安全管理標準化之研究

文化大學機構典藏 CCUR > 商學院 > 觀光事業學系暨研究所 > 博碩士論文 > Item 987654321/27011

請使用永久網址來引用或連結此文件: https://irlib.pccu.edu.tw/handle/987654321/27011

題名:	個人資料保護與資訊安全管理標準化之研究 A Study on Personal Information Protection and Standardization of Information Security System
作者:	甯光程
貢獻者:	觀光事業學系觀光休閒事業管理碩士在職專班
關鍵詞:	個人資料保護法適當之安全措施 ISO27001 BS 10012
日期:	2014
上傳時間:	2014-03-06 15:29:13 (UTC+8)
摘要:	我國個人資料保護法(Personal Information Protection Act)於2010年完成修正，其雖係參考國際標準(international standard)訂定，但我國法規仍與國際標準有所差異，故企業難以主張其已通過國際標準，因此符合我國個資法規定。再者，我國個資法規範定有「適當之安全措施(proper security measures)」，並授權主管機關(government authority)進一步加以解釋，但目前各主管機關僅針對五個行業別進行解釋，其餘大多數企業仍未能得知其應如何遵從「適當之安全措施」之要求。因此，本文將以實務案例進行探討，使企業能合乎法規對適當安全措施之要求。此外，本文建議企業決定風險等級及對應的保護措施。且企業應依其所蒐集的個人資料性質、數量及不當使用或外洩所可能造成的傷害；以及企業之規模、商業模式與產業環境等，遵循產業標準及進行風險安全控制，以採取適當之個資防護措施。 This Thesis studies issues on the standardization of the information protection and security. Though in the present law system in Taiwan, Personal Information Protection Act had already been revised in 2010, and the revision was based on international standard, the present law in Taiwan still could not fit international standard. Moreover, present Personal Information Protection Act in Taiwan has a regulation of “proper security measures”, and government authority has power to expalin it, however, the government authorities have only explain on five types of industies, most of the industies in Taiwan are still unaware of how to obey the proper security measures. Therefore, the present thesis studies on proper security measures according to prectical cases. Beside, the thesis provided ways of protection on separate risk levels, and recommanded that industries should adopt proper security measures based on the analysis of personal information, business modes, risks of inapropriate use, the scope of industries and industrial envireonment, thus they could avoid the risk of improper measures.
顯示於類別:	[觀光事業學系暨研究所 ] 博碩士論文

文件中的檔案:

沒有與此文件相關的檔案.

檢視Licence

在CCUR中所有的資料項目都受到原著作權保護.

資料載入中.....