press enter to main content

MOHW logo


Personal Data Protection



      Agencies are required to comply with regulations on the collection, processing, and use of personal data for epidemic prevention purposes.

I.  In order to prevent the spread of the epidemic, all agencies must collect, process, or use personal data to assist in epidemic prevention. In order to avoid the infringement of personality rights and to use such data in a reasonable manner, all agencies must properly implement personal data protection.

II. In addition to complying with the Special Act for Prevention, Relief and Revitalization Measures for Severe Pneumonia with Novel Pathogens and the Communicable Disease Control Act, agencies must comply with the Personal Data Protection Act when collecting, processing, and using personal data for epidemic prevention purposes.

III. The rights and interests of individuals must be protected in the collection, processing, or use of their personal data, which must comply with the principle of minimization and may not exceed the scope necessary for epidemic prevention purposes.

IV. Government agencies must fulfill their obligation to protect the security of the personal data they collect and adopt appropriate technical and organizational security measures to prevent personal data from being stolen, altered, damaged, destroyed, or leaked.

V. After the specific purpose for personal data collection no longer exists, agencies must actively delete personal data that is no longer needed.

VI. When an individual exercises their rights in accordance with the Personal Data Protection Act, such as requesting access to, cessation of the processing and use of, or deletion of their personal data, agencies must accept such a request and handle the request in accordance with the law.

  • Created:2020-05-15
  • Last Updated:2023-08-21
  • Data Source:Centers for Disease Control, Ministry of Health and Welfare
  • Count Views: