Several employees of the National Health Insurance Administration (NHIA) are suspected of leaking people’s personal information. The news caused a public outcry and highlighted that there are big loopholes in government institutions’ information security. In view of this situation, the government should take the following steps:
First, the NHIA should as soon as possible draw up statutory regulations governing the protection of personal information. The National Health Insurance (NHI) database includes sensitive information about all insured people in Taiwan, including their health status and medical records.
However, the Constitutional Court’s Judgement No. 13 last year said that the National Health Insurance Act (全民健康保險法) lacks clear regulations regarding the subject, purpose, conditions, scope and methods of the NHI data storage, the external transmission, provision and use of the data, and about related organizational and procedural monitoring and protection mechanisms, as well as other important matters.
The judgement said that this is contrary to the intent of Article 23 of the Constitution, which embodies the principle of legal reservation, meaning laws should not unnecessarily restrict constitutionally protected rights and freedoms, as well as Article 22, which implicitly safeguards citizens’ right of private communication.
The court instructed the NHIA to amend the act and other related laws, or to enact a special law, to clearly define the matters within three years.
Considering the serious implications of the latest leak, the NHIA should speed up the drafting process of legislative amendments or a new law to bolster the regulation of personal information.
Second, the NHIA and other agencies should review and update their data security management systems. There are many public agencies that store and use people’s personal information. Besides the NHIA, these include police departments, and household registration and tax offices. The Regulations on Classification of Cyber Security Responsibility Levels (資通安全責任等級分級辦法) define government agencies’ cybersecurity responsibility levels on a five-tier scale according to the sensitivity of their purview, the type of information they store and process, and the scale of their communication systems.
The NHIA has the highest cybersecurity responsibility level.
In June 2019, the Ministry of Civil Service, which also has the highest level, discovered a leak of civil servants’ personal information. A Control Yuan investigation found out that the ministry had not fully evaluated its online operations and document management systems, which store information about the qualifications and pay grades of all civil servants, in accordance with relevant regulations, compromizing the security standards of the systems.
In view of the repeated occurrence of such incidents, the Ministry of Digital Affairs should immediately help government agencies comprehensively review the level of their internal information systems and operational processes to see whether there are any deficiencies and loopholes, and make improvements as soon as any such problem is discovered to prevent subsequent cybersecurity risks.
Third, government agencies should bolster the education of civil servants with regard to law, discipline and cybersecurity. The large number of personnel involved in the NHIA case shows that civil servants in general have an insufficient grasp of law and discipline, as well as inadequate awareness of cybersecurity.
The government should make improvements in those three aspects, so that the catchphrase “cybersecurity is national security” can be more than a mere slogan.
Wang Yu-pei is a civil servant.
Translated by Julian Clegg
With escalating US-China competition and mutual distrust, the trend of supply chain “friend shoring” in the wake of the COVID-19 pandemic and the fragmentation of the world into rival geopolitical blocs, many analysts and policymakers worry the world is retreating into a new cold war — a world of trade bifurcation, protectionism and deglobalization. The world is in a new cold war, said Robin Niblett, former director of the London-based think tank Chatham House. Niblett said he sees the US and China slowly reaching a modus vivendi, but it might take time. The two great powers appear to be “reversing carefully
As China steps up a campaign to diplomatically isolate and squeeze Taiwan, it has become more imperative than ever that Taipei play a greater role internationally with the support of the democratic world. To help safeguard its autonomous status, Taiwan needs to go beyond bolstering its defenses with weapons like anti-ship and anti-aircraft missiles. With the help of its international backers, it must also expand its diplomatic footprint globally. But are Taiwan’s foreign friends willing to translate their rhetoric into action by helping Taipei carve out more international space for itself? Beating back China’s effort to turn Taiwan into an international pariah
Typhoon Krathon made landfall in southwestern Taiwan last week, bringing strong winds, heavy rain and flooding, cutting power to more than 170,000 homes and water supply to more than 400,000 homes, and leading to more than 600 injuries and four deaths. Due to the typhoon, schools and offices across the nation were ordered to close for two to four days, stirring up familiar controversies over whether local governments’ decisions to call typhoon days were appropriate. The typhoon’s center made landfall in Kaohsiung’s Siaogang District (小港) at noon on Thursday, but it weakened into a tropical depression early on Friday, and its structure
Since the end of the Cold War, the US-China espionage battle has arguably become the largest on Earth. Spying on China is vital for the US, as China’s growing military and technological capabilities pose direct challenges to its interests, especially in defending Taiwan and maintaining security in the Indo-Pacific. Intelligence gathering helps the US counter Chinese aggression, stay ahead of threats and safeguard not only its own security, but also the stability of global trade routes. Unchecked Chinese expansion could destabilize the region and have far-reaching global consequences. In recent years, spying on China has become increasingly difficult for the US