What laws apply to the collection and use of individuals’ personal information?
Data privacy laws have become more prominent in recent years. As the amount of personal information available online has grown substantially, there has been an enhanced focus on the processing of personal data, as well as the enforcement of such laws.
Japan has recently made changes to it’s data privacy laws through the Amended Act on the Protection of Personal Information (2016), which went into effect in May 2017. There are also four guidelines relating to the Act (General, Cross-Border Transfer, Records of Transfer, Anonymous Data).
The Act separates personal information into two categories. Personal information, is defined as data relating to a living individual which can be used to:
- identify the individual; or,
- identify the individual in conjunction with easy reference to other information.
The second category, is defined as “special care-required personal information” sometimes referred to in other countries as sensitive personal information. Special care-required personal information includes data relating to a subject’s race, creed, social status, medical history, criminal record, fact of having suffered damage by a crime and other categories (defined by the government) which require special care so as not to cause unfair discrimination, prejudice or other disadvantages to the individual. This includes mental/physical disorders, health examination results, and criminal procedures.
When processing special care-required personal information, there are additional requirements and protections that must be followed, including obtaining consent (with a few exceptions).
The authority responsible for enforcement of data privacy law and regulations in Japan is the:
Personal Information Protection Commission
Led by PeopleDoc’s Chief Legal & Compliance Officer, the HR Compliance Assist team relies on a network of internal and external compliance experts and lawyers, including the global law firm Morgan Lewis, to provide clients with best practices and recommendations on topics such as HR document retention, employee data privacy, and HR electronic records. HR Compliance Assist also provides local compliance monitoring and alert services in select countries where PeopleDoc’s customers have employees. HR Compliance Assist is a service exclusively available to PeopleDoc customers.