Privacy Protection Service

Services Introduction

Legislative Yuan had passed the new Personal Information Protection Act (PIPA) on April 27, 2010,  and the President had promulgated PIPA on May 26, 2010.  PIPA contains detail requirements in regards to the collection, processing and use of personal information by organizations.  In the event that personal information infringement incident does occur, relevant organization must be able to prove lack of negligence, or face the maximum damages up to NT $ 200 million dollars!

Ministry of Justice had announced a new version of the Personal Information Protection Act Enforcement Rules of the draft on October 27, 2011.  As a member of the management team, are you still puzzled by the details of PIPA?  Do you still believe that your company shall be compliant with PIPA as long as your information security management has reached a certain degree of maturity in your company?  Do you feel seriously challenged in regards to undertaking the massive personal information inventory task in your company?  Are you in control of your outsourced operation? Have you fulfilled your due diligence so favorable evidences can be presented to deal with potential litigations in the future?

At Deloitte, we recommend you to execute the following to achieve compliance with PIPA: through analysis of your company’s personal information flows and information systems, view personal information files’ acquisition, processing, transmission, storage, archiving and destruction, establish a Personal Information Management System (PIMS) based on Plan-Do-Check-Act (PDCA), in order to meet the requirements of customers and PIPA and accomplish the objective of personal information protection.

Deloitte's Advantage

Deloitte has been involved with PIPA since its drafting stage in 2004, and Deloitte has been consulted by the government on PIPA’s development since.  Deloitte began to market the Privacy Protection Service in 2008, and we have assisted many companies to develop comprehensive policies and plans entailing IT technology support, to enable their capabilities in protecting their sensitive information.  Deloitte currently has the largest Privacy Protection Service team in Taiwan.

Deloitte has accumulated vast experiences in implementing PIMS for many large companies in the fields of financial holding, banking, insurance, telecommunications, retail, automotive, real estates, direct sales and commercial printing, etc.

Service Item

• Personal Information and Privacy Impact Analysis Service
• Personal Information Protection and Control Design Management System: Planning and Promotion
• Privacy Mark Management System Implementation Service
• Outsourced Personal Information Collection, Processing and Use Compliance Audit Service
• Personal Information Protection Tool Deployment Consulting Service