In the process of standardization, the announcement of a standard, whether it represents a cause or an outcome, is either an opportunity within the trend of standardization or an achievement of it. Studying the process of standardization means understanding the "why" and the "how" in order to explore its detailed outline over time. From a long-term perspective, a standard is a milestone of the standardization process. Since the announcement of the Personal Data Protection Act in Taiwan on May 26th, 2010, information security management (ISM) under the Personal Data Protection Act has received much attention from the public. This study centers on the working items of standards announced by the International Organization for Standardization (ISO) and on the ongoing information security management system (ISMS) standards and standardization, in order to propose standards which comply with the ISMS of the Personal Data Protection Act and methods which increase implementation control measures.