Skip to Main Content
Passed by the legislature on Apr. 27, 2010, Taiwan's new Privacy Protection Act will take effect in 2012. In order to avoid penalties and loss of reputation for violation of the act, all enterprises must pay additional attention to information security. Among the current corporate information systems, human payroll systems contain most personal information of a company. Therefore, this paper investigates domestic laws governing information security and internal information security controls commonly used by enterprises. With assistance of experts and scholars, this paper explores the necessary adjustments of human payroll systems for compliance with the Privacy Protection Act. The human payroll systems of a case company is used as an example to validate whether these adjustments can make it compliant with the Privacy Protection Act and reduce the relative impacts on the company. Holding a positive view of the benefits of the Privacy Protection Act, this paper attempts to find a cost-effective response plan, which can ultimately minimize the crime rate of information leakage.