The Ministry of Justice promulgated the enforcement rules Personal Information Protection ACT (“PIPA”) in October 2011 for the incoming effect of PIPA from 2012. Since PIPA is bound to whole kinds of corporates, The Revision of PIPA is binding to all corporates. The corporate representatives’ risks of liabilities (including criminal and administrative punishments and civil compensations) and responsibilities (the Revision of PIPA imposes the burden of proof on the corporates) are then drastically enhanced. Without taking action in advance, corporates will face enormous liabilities. Hence, it is a crucial task for corporates to minimize legal risks by reinforcing information security and establishing an effective PIPA system, in prevention of damage on corporates’ operation and reputation.
Deloitte PIPA team’s competitive edge
Deloitte Team, including DTT Attorneys-at-Law and Deloitte Enterprise Risk Services Department, has focused on the Revision of PIPA since its legislation, and provided feedback along with corporates to the Ministry of Justice on PIPA with respect to corporates’ practical needs. After the Revision of PIPA takes effect, Deloitte Team, under the appointment of government agencies and conglomerates, provides service including the incorporation of PIPA system (PIPA compliance projects), implementation of security system, training for senior supervisors and legal consultations. Now Deloitte Team has served clients across from industries of Banking, Insurance, Securities, Medical, Telecommunications, and Asset Management. Deloitte Team frequents the symposium on PIPA as guest speakers. Deloitte Team is definitely your best choice for PIPA compliance and consultations.
Personal Information Check and Management
To accurately assess the impact of PIPA, corporates need to be knowledgeable about the types, numbers and current management and storage of the personal information held thereby. Deloitte Team will assist clients to perform personal information check with an operation oriented methodology, and provide a thorough analysis on the hot spots and critical environment in relation to the operations.
Personal Information Management Impact Assessment and Improvement Advice
With a firm grip on the status of corporates’ personal information, Deloitte Team will assist corporates to perform the impact assessment on management system in terms of laws and information security, which facilitates the establishment of personal information management policy fitting in corporations.
Personal Information System Establishment and Consultations
The employees’ and outsourcing firms’ awareness and compliance of PIPA determine corporates’ risks of PIPA violation. In light of this fact, Deloitte Team will assist corporates to hold internal PIPA trainings and implement necessary personal information systems, such as providing templates of the 11 personal information protection measure and management scheme stipulated in the revision of PIPA. In addition, Deloitte Team will provide real time consultations with regards questions occurred to corporates during the compliance of PIPA and enforcement of systems.
Audit and check after the implementation Personal Information System
The revision of PIPA requires the corporate to perform audit and correction upon itself and upon its outsourcing firms after the implementation of Personal Information Protection System. Hence, Deloitte Team will give corporates advice on the correction or improvement measures based on corporates’ operation of the system. Under the appointment of corporates, Deloitte Team can audit and present audit report on the corporate and its outsourcing firm with respect to their personal information management system. With such audit reports, corporates secures a proof of compliance with PIPA once requested by authorities concerned or individuals.