South Korean Government To Certify Companies' Privacy Compliance

Author:Ms Cynthia O'Donoghue
Profession:Reed Smith

On 27 October 2013, South Korea's Ministry of Security and Public Administration (MOSPA) announced that beginning 28 November 2013, the government is set to issue certifications to companies that can demonstrate compliance with their duties under the Personal Information Protection Act (PIPA).

Companies will be able to file applications for certification to the National Information Society Agency (NISA), which will assess each applicant against a set of criteria, with the number of obligations depending on the size of the business. The self-employed will have to satisfy 35 obligations; small- to medium-sized companies will have 52 requirements; while large companies and state-run firms will have to meet 65 criteria.

The Certification Program will grant businesses with NISA endorsement status for a period of three years; however, companies will be subject to annual NISA review...

To continue reading