Case Study on the Integration of ISO 27001 & 27011 and the New Personal Data Protection Act for Customer Personal Data Management of the Telecom Industry–example of Chunghwa Telecom


Bibliographic Details
Main Authors: Che-Min Lin, 林哲民
Other Authors: Han-Chieh Chao
Format: Others
Language: zh-TW
Published: 2013
Online Access: http://ndltd.ncl.edu.tw/handle/67978463916666098387
Description
Summary: Master's === National Ilan University === In-service Master's Program in Multimedia Network Communication and Digital Learning === 101 === Due to the flourishing development of mobile communications, Internet businesses, and mobile broadband, handheld mobile communications equipment is commonplace, and the number of mobile phone users and fixed-line broadband users is growing rapidly every day. As the telecom industry stores massive amounts of users’ personal data, operators need to uphold users’ trust in them so that users can enjoy telecommunication services worry-free. Personal information security is a major concern in society today and also a social responsibility of enterprises. Each link in the industry deals with users’ personal data, so users and consumers require a professional system and all employees to provide the strictest protection. Carriers need to set a standard that emphasizes personal data protection for all employees to follow, in order to avoid damage, missing data, leaks, and other irreparable losses to customers' personal data caused by personnel negligence. The telecommunications businesses include fixed broadband businesses, data services, mobile businesses, international businesses, inquiry numbers and inquiry number value-added services, and domestic/international manual call transfers, as well as acceptance of fault declarations, customer complaints handling, and information businesses for the above-mentioned businesses. The personal data protection measures of internal processes should be re-examined to enhance all personnel’s awareness of personal data protection. Beyond the scope of these businesses, there are also accounts processing, fraud prevention, customer service and other key operating processes, as well as the development, operation, and maintenance of mobile communication support systems, monitoring center management for mobile communications network activity and anti-hacking, and various other processes and information systems.
The process management and operational levels need to establish a more complete, high-specification personal data protection mechanism in order to implement the security matters of the new Personal Data Protection Act Enforcement Rules. In response to the new Personal Data Protection Act, this study discusses how carriers that have adopted an information security management system can integrate the new Act to fulfill their custodial responsibility. It also discusses how carriers can strengthen management and educational training in compliance with the Act by mapping the key management elements of ISO 27001 and ISO 27011 to the appropriate security maintenance measures set out in Article 12 of the new Personal Data Protection Act Enforcement Rules. How to achieve the appropriate security measures in the collection, processing, and use of personal data, as specified by the new Personal Data Protection Act, is also a focus of this study.