Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
South Korea: PIPC publishes impact assessment guide
On April 18, 2024, the Personal Information Protection Commission (PIPC) announced that it published a guide for Personal Information Impact Assessments. The PIPC stated that the guide contains details regarding evaluation items, including how the evaluation system has changed and standards for measuring personal information safety. The PIPC mentioned that the Personal Information Impact Assessment system is for public institutions that plan to build, operate, or change personal information files over a certain size so that they may analyze potential personal information infringement risk factors in advance and design safe personal information processing processes.
The PIPC highlighted that because of previous amendments to the Personal Information Protection Act (PIPA), if an obligated organization does not conduct an impact assessment or does not submit the assessment results (including a summary), the organization may be subject to a fine of up to WON 30 million (approx. $21,810).
You can read the press release and access the guide, only available in Korean, here.