The 주민등록번호 is a unique ID issued by the Korean government to all citizens, required for HR, tax, finance, and medical purposes. Simultaneously classified as top-tier protected data under Korea's Personal Information Protection Act (PIPA).
Collection/storage rules
- Only collect with legal basis (HR purposes, etc.) - Encrypted storage mandatory - Mask latter digits when displayed/printed (show only DOB) - Access logs required - Destroy when no longer needed
Violation penalties
Plaintext storage without encryption: up to KRW 500M fine. Keeping it in Excel or a general database is effectively illegal.
HR SaaS handling
Flex, SAP, and similar tools auto-encrypt these IDs, log admin access, and use encrypted channels to NTS. Self-managing without such SaaS carries very high security risk.