[Seoul = Newsis] Reporter Jinyoung Lee = Ministry of Science, Technology and Information Technology (MSIT) is planning to protect personal information for 65 affiliated organizations that handle a lot of sensitive personal information of the people in 2022. It was announced on the 22nd that an action plan had been established.
The content of this plan is to designate and strictly manage the three main tasks of personal information processing: ① personal information files, ② personal information processing system, ③ management and supervision of personal information processing consignees, which were autonomously implemented by each institution to prevent personal information leakage accidents. contained
To this end, by reflecting the characteristics of each inspection task, the policy standards for access rights, inspection targets and methods, inspection forms, etc. are unified and manual, and the inspection of all institutions will be strengthened.
This is because there are currently more than 1,000 personal information files and personal information processing systems handled by each level of institutions, and there are more than 250 million information subjects, so it is necessary to actively respond to the risk of personal information leakage and misuse or abuse.
In addition, it was decided to promote the introduction and expansion of a solution for automated inspection of access records in the personal information processing system and a solution to prevent leakage and exposure of personal information on the homepage.
It is judged that it is time for technological advancement, such as 29 institutions currently promoting automatic access records check among institutions at each level, and the introduction and operation of personal information leakage prevention solutions on the website at the level of 32 institutions.
To this end, the current system will be inspected to enable constant monitoring of the homepage, which is the forefront of personal information collection, and will prioritize technological supplementation for safe system operation.
At the same time, it plans to strengthen the website vulnerability check by utilizing the three cyber safety centers operated by the Ministry of Science and Technology.
In addition, we plan to institutionalize the personal information protection policy implementation system operated by each institution and strengthen its expertise. Currently, it is pointed out that there is a shortage of dedicated personnel for personal information protection at each level of the institution, and the personnel in charge of assigned personnel lack relevant qualifications and lack of expertise.
In addition, the personal information protection council will be formed and operated for the personal information protection managers of each level of agency, which are at the center of decision-making, to strengthen the responsibility and linkage of personal information protection tasks.
Lee Tae-hee, head of the Planning and Coordination Office of the Ministry of Science and Technology, said that the interest and effort on personal information protection in the state and public institutions is an important matter that cannot be overemphasized. He said he would make an effort.