查詢結果分析
來源資料
相關文獻
- 遵循個人資料保護法下之人力資源系統再造
- 資訊安全與個資法之整合架構於醫療產業之應用
- 鑑識會計於銀行業個資糾紛案件運用之探討--德爾菲法應用
- 建構個人資料保護之數位證據鑑識標準作業程序
- 數位保險發展國際趨勢之研析
- 導入個人資料保護經驗分享
- 雲端運算與個人資料保護--以臺灣個人資料保護法與歐盟個人資料保護指令的比較為中心
- Study of Implementation of Enterprise Database Activity Monitoring Based on Agile Project Management
- 從雲端運算探討政府、企業與個人的道德議題
- ISMS與PIMS整合導入之研究--以國防部全球資訊網站系統為例
頁籤選單縮合
題 名 | 遵循個人資料保護法下之人力資源系統再造 |
---|---|
作 者 | 李興漢; 劉漈浚; | 書刊名 | 電腦稽核 |
卷 期 | 26 2012.07[民101.07] |
頁 次 | 頁121-138 |
分類號 | 312.76、312.76 |
關鍵詞 | 人力資源系統; 個人資料保護法; 資訊安全; 資訊系統再造; Human resources system; HRS; Privacy protection act; Information security; Information system reengineering; ISR; |
語 文 | 中文(Chinese) |
中文摘要 | 個人資料保護法已於民國99年5月26日經總統公布,法務部於民國100年10月27日公布個資法施行細則,全台灣各政府單位及各產業都必須遵循此保護法的規範,企業為避免遭受龐大的罰款與名譽受損,因此必須更加注重資訊安全的重要性;而在企業資訊系統中擁有最多個人資料的系統應屬人力資源系統(Human Resource System, HRS),經查目前市佔率較高的人力資源系統都還存有一些洩漏個人資訊的弱點存在,例如:資料庫欄位未加密、存取筆數未設限和顯示畫面未對敏感性欄位隱藏等。有鑑於此,本文參考現行國內法規以及探討企業內部資訊安全控制,藉由專家學者的協助調查人力資源系統應該做哪些必要調整,透過個案公司之人力資源系統之配合修正,以驗證相關之修改能符合個人資料保護法之要求,降低此法對企業所帶來的相對衝擊,期望能找出低成本的因應方案,正視個人資料保護法帶來的好處,最終能將資料外洩犯罪率降到最低。 |
英文摘要 | Passed by the legislature on October 27, 2010, Taiwan's new Privacy Protection Act will take effect in 2012. By then, all government departments and private sectors around the nation will be subject to the regulation of this protection act. In order to avoid penalties and loss of reputation for violation of the act, all enterprises must pay additional attention to information security. Among the current corporate information systems, human resource systems contain most personal information of a company. A review of dominant human resource systems in the market shows that most of these systems still have some weaknesses that may easily result in personal information leakage, including non-encryption of database columns, no limitation on maximum data access, visibility of sensitive columns, and so on. Therefore, this thesis investigates domestic laws governing information security and internal information security controls commonly used by enterprises. With assistance of experts and scholars, this thesis explores the necessary adjustments of human resource systems for compliance with the Privacy Protection Act. The human resource systems of a case company is used as an example to validate whether these adjustments can make it compliant with the Privacy Protection Act and reduce the relative impacts on the company. Holding a positive view of the benefits of the Privacy Protection Act, this study attempts to find a cost-effective response plan, which can ultimately minimize the crime rate of information leakage. |
本系統中英文摘要資訊取自各篇刊載內容。