Cynthia O’Donoghue writes:
South Korea’s Ministry of Government Administration and Home Affairs issued an amended version of the Standards of Personal Information Security Measures (the ‘Standards’). These Standards seek to close loopholes and inadequacies in the South Korean data protection law, and to counter the growing number of data breaches, especially those arising from use of mobile devices.
The amended version sets out extensive requirements, increases obligations on data handlers when outsourcing processing, and introduces new security measures for mobile devices.
Read more on Reed Smith Global Regulatory Enforcement Law Blog.
In their February newsletter, Lee & Ko provide a more detailed write-up of the changes in the standards, which went into effect in December 2014. Some of the changes occurred in response to massive data breaches in South Korea that were reported on my companion blog, DataBreaches.net.