淡江大學機構典藏:Item 987654321/74425
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 62819/95882 (66%)
Visitors : 3998323      Online Users : 703
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://tkuir.lib.tku.edu.tw/dspace/handle/987654321/74425


    Title: 以BS 10012為基礎評估組織導入個人資訊管理制度之研究
    Other Titles: A study of introducing organizational personal information management system based on BS 10012
    Authors: 張書鳴;Chang, Shu-Ming
    Contributors: 淡江大學資訊管理學系碩士班
    黃明達;Hwang, Ming-Dar
    Keywords: 個人資料保護法;個人資訊管理制度;Personal Information Protection Act;Personal Information Management System;BS 10012;ISO 27001;PIMS
    Date: 2011
    Issue Date: 2011-12-28 18:37:01 (UTC+8)
    Abstract: 台灣刑事警察局2009年165反詐騙專線統計指出,網路購物個人資料(或簡稱個資)外洩詐騙事件排名第一,佔全部詐騙數35%,顯示個資外洩情形嚴重。在個人資料保護法三讀通過後,組織一旦違法使用個資,將面臨高價求償金、刑責等問題,組織可能需開始著手規劃並實施針對個人資料的相關保護工作,降低個資法帶來的衝擊。
    本研究以問卷調查方式,分析各組織個人資料保護現況。發現商譽受損是最多組織擔憂若不慎洩漏個資時的衝擊,但中小企業與非營利事業對於須自行舉證組織並無故意或過失洩漏個資的困擾更甚於商譽受損。本研究以BS 10012為基礎之「規劃」、「實行與運作」、「監督與審查」、「改善」等四構面,評估組織的個人資訊管理制度(Personal Information Management System, PIMS)狀況,提供十種組織可優先加強構面之建議,如資訊服務業、金融業等組織在「規劃」構面、政府部門等在「實行與運作」構面、非營利組織等在「監督與審查」構面與電信業等在「改善」構面,建議強化個人資訊管理制度上的不足,使組織降低個資法將帶來的衝擊。
    In 2009, the Criminal Investigation Bureau 165 anti-fraud hotline statistics indicated that internet shopping frauds due to leakage of personal information were ranked first, accounting for 35% of frauds. This indicates that personal information leakage is a serious problem. After third reading of the Personal Information Protection Act passed, if an organization uses personal information illegally, it will face high claims payments, criminal liability and other issues. To reduce the impact from the Personal Information Protection Act, organizations may need to begin to plan and implement relevant measures for the protection of personal information.
    This study used the a questionnaire survey to analyze the status of personal information protection in organizations. Goodwill impairment is found in most organizations which are concerned about the impact of accidental personal information leakage. However small and medium-sized enterprises and non-profit organizations are concerned about being required to prove that they have no intention or negligence related to personal information leakage problems than organization goodwill impairment. We assess an organizational personal information management system based on the four phases of BS 10012, “Plan", "Do", "Check", "Act”. Through this analysis, we provide priority strengthen phase advices for 10 organizations, For instance, the “information services industry” and “financial services industry” are in the "plan" phase, “government departments” are in the "Do" phase, “non-profit organizations” are in the "Check" phase, and the “telecommunications industry” is in the "Act" phase. Strengthening personal information management system will enable organizations to reduce the impact of the Personal Information Protection Act.
    Appears in Collections:[Graduate Institute & Department of Information Management] Thesis

    Files in This Item:

    File SizeFormat
    index.html0KbHTML332View/Open

    All items in 機構典藏 are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - Feedback