Text
Defendant
A Imprisonment with prison labor of one year and a fine of two million won, and Defendant B shall be punished by a fine of three million won.
The Defendants respectively.
Reasons
Punishment of the crime
Defendant
A was an employee of the National Health Insurance Corporation from November 1, 1987 to June 24, 2019, who was working as an employee of the National Health Insurance Corporation, and managed personal information while performing long-term care duties from January 25, 2010 to June 24, 2019, including handling of a long-term care computer program. Defendant B is the operator of the “C Care Center” and “D Care Center.”
1. Defendant A received a request from a person admitted to a medical care center for operation B to receive a prompt rating for recognition of long-term care from a person admitted to the medical care center for operation B, and received the relevant person’s personal information, Defendant A connected to the long-term care information system, perused the said person’s personal information without permission, and changed the address of the said person’s personal information to a voluntary address within the jurisdiction of the center where Defendant A works for the said person, and entered the said person into the computer as if he received a normal rating for recognition of long-term care.
A personal information manager may use personal information only within the scope prescribed by the Personal Information Protection Act, such as obtaining consent from a subject of information, and shall not use personal information beyond the scope thereof. A person who, having access to the integrated information system for long-term care, entered the personal information of a G transferred from B without consent from G in the visit schedule registration program and then perused the relevant information without permission, is entitled to use the personal information from April 8, 2016 to February 25, 2019 on a total of 27 business programs without consent from the subject of information, and without consent from 1,562 times in total. 2) A person who has managed or has processed the personal information without permission or permission.