Home / Add Bookmark / Site Map / 中文版 Search

Information Security Policy

                                                   Collection and utilization of personal information

    In accordance with the Personal Information Protection Act and related regulations, information will not

be arbitrarily released to third parties.

    When using this Web site, this Web site will automatically collect the following information: date and time,

the Web pages you have selected, your URL, your Web browser, your actions on this Web site(such as

downloads) and whether or not they were successful. This information will only be used to improve this Web

sites content.

Monitor behavior that causes a major load on this Web site.


‧Information safety rights training

Assign appropriate job responsibilities and distribution rights and set up an evaluation and examination

system and if necessary, a mutual support system for personnel who handle sensitive or secret information

or whose job requires them to have system administration rights.

Deal with personnel who take leave, retire, or are suspended in accordance with the established procedure

for such cases and immediately withdraw their access rights to the various system resources.

Provide information security education and training to personnel at different levels based on their role and

unction. To improve knowledge of information security and observance of security regulations, encourage

personnel to gain an understanding of the importance of information security and potential security risks.


‧Information security and protection

Establish a procedure to handle information security events and assign relevant personnel with the

responsibility to deal rapidly and effectively with information security events.

Establish a change management reporting mechanism for information infrastructure and systems to avoid

security leaks.

Carefully handle and protect personal information in accordance with provisions of the Computer-Processed

Personal Data Protection Act.

Set up a system backup facility to perform regular backups of necessary information and software to ensure

speedy recovery of normal operation during breakdowns or storage media failures.


‧Network security management

Install a firewall to control transfer of internal network data and access from outside networks and establish a

rigorous identification procedure.

Do not store confidential and sensitive data and files in a system open to the outside world. Do not e-mail

confidential files.

Conduct regular internal network data security and virus checks, and update virus definitions and other

security measures.


Query collection Collection
Health 99 Education Resource
Committee of Women’s Rights Promotion, Executive Yuan
Health Promotion Administration, Ministry of Health and Welfare