Information security activity is recognized as an essential factor for LG Electronics’ sustainable growth and we are implementing diverse activities for customer privacy protection.
Based on close communication and collaboration between our information security and legal teams, LG Electronics carefully monitors privacy protection legislations around the world and responds to them as immediately as possible. Thanks to our vigilant response, LG Electronics received no customer complaints concerning breach or protection of personal information.
With the Corporate Information Security Regulations as the governing principle, LG Electronics established the Corporate Information Security Rules and the Personal Information Protection Rules. All related policies conform to these rules to ensure that information security management at all business sites is operating at the highest level. These measures allow us not only to maintain a high level of information security management across the board, but also to enhance our corporate credibility by ensuring policy consistency across all business sites.
National governments across the world are strengthening laws and regulations on personal data and privacy protection, as attested by the European Union’s plan to implement stronger and more extensive data protection regulations, Russia’s new personal data localization law, and amendments to China’s Consumer Protection Act which extend the law’s coverage to the protection of personal information and privacy. As a global corporation whose operations span international boundaries, LG Electronics is implementing real-time responses to establish compliance with local data protection and privacy laws and regulations.
LG Electronics conducts a corporate-level annual assessment of its business sites and subsidiaries to evaluate their level of personal information management, and they are required to perform the same assessment internally on a semiannual basis. In order to gain public confidence in our stewardship of personal information, we submit ourselves to an annual certification process performed by the Korea Internet & Security Agency (KISA), and receive a biannual assessment from LG Corp. to identify and address risks.
LG Electronics has established a personal information impact assessment system to prevent compliance risks associated with related laws and regulations and to systematically and automatically manage personal information data and associated risks at a corporate level. With the system in place, we have the infrastructure to prevent non-compliances and information breaches, and to manage personal information systematically at a corporate level, thereby minimizing risks as well as potential damages.