In the digital era, safeguarding personal data security is of utmost importance. As cyberattack techniques continue to evolve, individuals face increasing privacy risks. Both businesses and individuals must enhance their awareness of data protection to ensure the confidentiality, integrity, and availability of personal data in different contexts, thereby reducing the risk of data breaches. Therefore, Personal Data Protection Act establish appropriate security measures to ensure that the personal data held by various organizations is adequately protected.

The development of identity authentication technology has progressed from traditional passwords to biometric authentication. Multi-factor authentication (MFA) is one of the most effective identity verification methods and has been widely adopted by major enterprises and government institutions. Examples include FIDO security keys and banks’ one-time passwords (OTP), both of which effectively reduce the risk of identity theft. By increasing cybersecurity awareness and implementing stronger identity verification measures, a more secure digital environment can be created, minimizing the threat of personal data breaches.

To address the issues of personal data and information security, Data Protection by Design (“DPbD”) for information and communications technology (“ICT”) systems is an approach where data protection measures are considered and incorporated into ICT systems during their development. By integrating data protection principles from the outset, organizations can build systems that better safeguard personal data and foster a culture of good data management practices. Ensuring DPbD at the beginning and throughout the lifecycle of an ICT system also helps to minimize unnecessary delays and reduce costs, compared to retrofitting data protection features afterward. DPbD should not be treated as an afterthought but rather embedded into an organization's practices.

Personal data protection is not just a legal requirement—it’s a competitive advantage. Yet, many businesses are caught off guard when regulators conduct compliance inspections. Is your company ready?

Join I-Chin Lee, Senior Legal Researcher at STLI, as she shares practical strategies from her experience with Taiwan’s Personal Data Protection and Management System (TPIPAS). This session will demystify regulatory inspections, break down compliance pain points, and provide actionable steps to help businesses integrate compliance into daily operations.

Key Takeaways

✅ Latest Amendments & Compliance Trends

✅ Regulatory Inspection Guide – Essential documents & common pitfalls

✅ Building Internal Controls – Strengthening compliance & avoiding penalties

Through real-world case studies, gain the confidence to face regulatory inspections and turn compliance into a business advantage. 

This talk focuses on the privacy challenges that arise after genetic testing, delving into the security concerns and potential risks associated with genomic data. As genetic testing technology becomes increasingly accessible, more consumers are opting for commercial genetic testing services to gain insights into their health risks and personal genetic traits. However, many overlook the fact that genetic data from these tests can be a high-risk source of privacy breaches. This presentation will examine the characteristics of genomic data, explaining how high linkage disequilibrium can be exploited to infer additional sensitive personal information, thereby posing a threat not only to individuals but also to their family members' privacy.