To further implement the protection for the personal data held by immigration companies, the Ministry of the Interior National Immigration Agency (NIA) made an amendment on partial articles of the "Regulations Governing Personal Information File Security Maintenance and Administration for Immigration Business Organizations", and the renaming of the Regulations as "Regulations Governing Personal Information File Security Maintenance and Administration for Immigration Business Organizations Designated by Ministry of the Interior". The amendment was released and implemented on November 30, 2021.
The NIA stated that the management measures originally required immigration companies to formulate contingency planning in the event of a leak of personal data. Now it is to further strengthen immigration companies’ supervision measures for the protection of personal assets. The immigration companies will need to notify the Ministry of the Interior in writing within 72 hours after the data leaks. Measures such as administrative inspections will be initiated to further protect consumers’ personal data.
NIA stated that the immigration companies need to adopt appropriate precautionary measures in accordance with regulations if they collect and hold consumers’ personal information.
This amendment targets businesses that use information and communication systems to save more than 1,000 consumers’ personal data. Besides, it also clearly stated that 6 data security management measures should be adopted to implement and maintain the personal information of consumers. In addition, to strengthen the internal inspection mechanism of immigration companies, the frequency of regular inspections has also been revised and increased from at least once every two years to at least once a year.