文化大學機構典藏 CCUR:Item 987654321/27011
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 47249/51115 (92%)
Visitors : 14216706      Online Users : 677
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://irlib.pccu.edu.tw/handle/987654321/27011


    Title: 個人資料保護與資訊安全管理標準化之研究
    A Study on Personal Information Protection and Standardization of Information Security System
    Authors: 甯光程
    Contributors: 觀光事業學系觀光休閒事業管理碩士在職專班
    Keywords: 個人資料保護法
    適當之安全措施
    ISO27001
    BS 10012
    Date: 2014
    Issue Date: 2014-03-06 15:29:13 (UTC+8)
    Abstract: 我國個人資料保護法(Personal Information Protection Act)於2010年完成修正,其雖係參考國際標準(international standard)訂定,但我國法規仍與國際標準有所差異,故企業難以主張其已通過國際標準,因此符合我國個資法規定。再者,我國個資法規範定有「適當之安全措施(proper security measures)」,並授權主管機關(government authority)進一步加以解釋,但目前各主管機關僅針對五個行業別進行解釋,其餘大多數企業仍未能得知其應如何遵從「適當之安全措施」之要求。
    因此,本文將以實務案例進行探討,使企業能合乎法規對適當安全措施之要求。此外,本文建議企業決定風險等級及對應的保護措施。且企業應依其所蒐集的個人資料性質、數量及不當使用或外洩所可能造成的傷害;以及企業之規模、商業模式與產業環境等,遵循產業標準及進行風險安全控制,以採取適當之個資防護措施。
    This Thesis studies issues on the standardization of the information protection and security. Though in the present law system in Taiwan, Personal Information Protection Act had already been revised in 2010, and the revision was based on international standard, the present law in Taiwan still could not fit international standard. Moreover, present Personal Information Protection Act in Taiwan has a regulation of “proper security measures”, and government authority has power to expalin it, however, the government authorities have only explain on five types of industies, most of the industies in Taiwan are still unaware of how to obey the proper security measures.
    Therefore, the present thesis studies on proper security measures according to prectical cases. Beside, the thesis provided ways of protection on separate risk levels, and recommanded that industries should adopt proper security measures based on the analysis of personal information, business modes, risks of inapropriate use, the scope of industries and industrial envireonment, thus they could avoid the risk of improper measures.
    Appears in Collections:[Department of Tourism & Graduate Institute of Tourism Industry ] Thesis

    Files in This Item:

    There are no files associated with this item.



    View Licence

    All items in CCUR are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback