Taiwan Focus: How to comply with the Personal Information Protection Act
Taiwan's Personal Information Protection Act has left many companies unaware of their obligations to protect employee's personal information and how to establish their own personal information management system
Share:
Two years after the promulgation of the Personal Information Protection Act (PIPA), it finally came into force on October 1 2012. However, many companies have still not grasped the relevant provisions of the Act. There are many key requirements which companies are failing to meet in order to comply with the PIPA.
Personal information
Personal information encompasses name, birth date, ID number, passport number, personal characteristics, finger prints, marital status, family background, educational background, occupation, medical information, medical history, DNA, sexual activity, health examination, criminal record, contact information, financial status, social activities and any information capable of being used directly or indirectly to identify a person. In particular, information like medical history, DNA, sexual activity, health examination and criminal record are considered specific personal information. In principle, unless otherwise provided as exceptions, companies are prohibited from collecting, processing and using specific personal information.