Rules on the Appointment of an Administrator of Personal Information Management
Issued on April 1, 2005
Revised on March 12, 2015
Revised on May, 30, 2017
Revised on November 8, 2018
Revised on March 10, 2022
(Objective)
Article 1:
These Rules stipulate specific matters on the operation of Article 9 of the Doshisha Regulations Concerning the Protectionof Personal Information (stipulated on May 30, 2017 and hereinafter referred to as the ‘Regulations’) at DoshishaUniversity(hereinafter"University").
(Administrator of Personal Information Management)
Article 2 :
1.The Personal Information Protection Manager defined in Article 9.1 of the Regulations shall appoint a Personal Infromation Management Administrator (hereinafter ‘Administrator’) in each organizational unit which retains personal information, and engage them to administer secure management of personal information in such department.
2.The head of each organizational unit which retains personal information, such as faculty, department, institute, or center, shall be be appointed as the Administrator.
3.Each Administrator shall properly handle issues regarding the collection, storage and management of personal informaiton within the scope of their duties, as well as requests from individuals for the disclosure, correction and deletion of their personal information, in accordance with stipulations of the laws and regulations and the Regulations.
4. In addition to complying with the laws and regulations and the Regulations, each Administrator may establish appropriate procedures concerning the collection, utilization and management of personal information in their unit.
(Personal Information
Supervisor)
Article 3 :
1. Each Administrator shall appoint a person responsible for handling
personal information in the organizational unit under his/her jurisdiction
(hereinafter, “Personal Information Supervisor”) in order to properly manage
persons in charge of handling personal information as stipulated in Article 9,
Paragraph 2 of the Regulations and ensure the security control of personal
information.
2. The head of each organizational unit that retains personal information, such
as departments and offices, shall be appointed as the Personal Information
Supervisor.
(Reporting)
Article 4 :
1. In the event that any incident, such as leakage, loss or falsification of personal information, should occur, the Administrator of the relevant organizational unit shall report the incident to the Personal Information Protection Manager without delay.
2. Upon receipt of a report under the preceding
paragraph, each Administrator shall report it to the Personal Information Protection Manager without delay
(Revision of Abolition)
Article 5 :
The revision or abolition of these Rules shall be approved by the President upon the deliberations of the Personal Information
Protection Committee and the Directors Meeting.
(Supplimentary Article)
Regulations shall be enforced on April 1, 2022.
Rules on the Personal Information Protection Committee
Rules on the Appointment of an Administrator of Personal Information Management