摘要
[目的/意义]个人信息处理者非法处理个人信息的行政处罚案件频发,难以契合个人信息保护要求,有必要在合规视角下规范处理行为,保障个人信息安全.[方法/过程]通过法教义学方法解构《个人信息保护法》,在规范体系下,将合规处理行为归纳为事前、事中和事后三个阶段.[结果/结论]事前合规以"知情同意"为遵循,事中合规以"自我监管"为主线,事后合规则以"补救措施"为兜底,以此形成全过程合规路径,为个人信息安全保障与合规处理提供方向.
[Purpose/Significance]The frequent occurrence of administrative penalties for illegal processing of personal information by personal information processors makes it difficult to meet the requirements of personal information protection.It is necessary to regulate processing behavior from a compliance perspective and ensure personal information security.[Method/Process]Deconstructing the Personal Information Protection Law through legal doctrinal methods,and categorizing compliance processing behavior into three stages:pre event,during event,and post event under this normative system.[Results/Conclusion]Prior compliance is guided by"informed consent",while in-process compliance focuses on"self-regulation",and post compliance is backed by"remedial measures",forming a full process compliance path that provides direction for personal information security and compliance processing.
作者
吕晨
Lv Chen(Hunan University of Technology and Business,Hunan Changsha 410205)
出处
《网络空间安全》
2024年第4期42-46,51,共6页
Cyberspace Security
关键词
个人信息安全
个人信息保护法
知情同意规则
合规审查
补救措施
personal information security
personal information protection law
informed consent rules
compliance audit
remedial measures
作者简介
吕晨(1997-),男,汉族,福建南平人,湖南工商大学法学院,在读硕士,主要研究方向和关注领域:个人信息保护。
