By Kang Hyun-kyung
The government will issue certifications to private and public companies that effectively comply with regulations to enhance personal privacy information, the Ministry of Security and Public Administration said Sunday.
This move has come about following the increasing trend of people falling victim to scams as a result of leaks of their personal information by companies they have transactions with.
Companies and organizations can file applications for the certifications with the National Information Society Agency (NISA) from Nov. 28.
Upon receiving their applications, NISA will assess if the applicants effectively fulfill their duties stipulated under the Privacy Protection Law.
The agency will take a close look at the firms' privacy protection policies and what kinds of efforts they have in place to prevent leaks of private information of their clients.
Self-employed people will be required to meet 35 obligations set by NISA. Small- and medium-sized firms are required to meet 52 items, and large businesses or state-run firms with 65.
Firms or individuals that pass the test and granted certifications are obligated to undergo annual inspection from NISA to make sure that they are consistently complying with the rules.
The certifications will be effective for three years. Once the first three years ends, firms can renew their certification status with NISA's endorsement.
The ministry said that both companies and their clients will benefit from the certification program.
"Companies can gain trust from their customers with the certification program, and customers can find reliable entities more easily," a ministry official said.
Nearly 200,000 mobile phone users' personal information was illegally accessed last year through the connivance of some unscrupulous staff of affiliated firms of the nation's two largest mobile phone companies, KT and SKT.
공공기관이나 민간기업의 개인정보보호 수준을 정부가 인증하는 제도가 시행된다.
안전행정부는 27일 공공기관·민간기업이 일정한 개인정보보호 수준을 갖추면 정부가 인증마크를 주고 외부에 공개하는 '개인정보보호 인증제 운영에 관한 규정'을 28일 고시한다고 밝혔다.
인증을 원하는 기업이나 기관은 다음 달 28일부터 한국정보화진흥원에 신청하면 된다.
인증 심사 항목은 개인정보관리체계 15개와 개인정보보호대책 50개 등 최대 65개다. 소상공인은 33개 항목, 중소기업은 52개 항목, 대기업이나 공공기관은 65개 항목 모두 심사를 받아야 한다.
인증유효기간은 3년이며, 인증을 취득한 기업이나 기관은 지속적으로 인증요건을 충족하고 있는지 연 1회 유지관리 심사를 받아야 한다.
인증을 받으면 개인정보보호법에 따른 기획점검 대상에서 제외되거나 점검을 유예받고, 법 위반 때 고의성이 없으면 과태료 등 행정처분을 감경받을 수 있다.
문의는 한국정보화진흥원 개인정보보호사업부(☎02-2131-0365)로 하면 된다.