|
Article 20
|
If aspecific non-government agency has one among those enumerated below transpired, the central authority in charge of relevant industry shall order it to complete corrective actions within the specified time limit. If it fails to complete corrective actions within the specified time limit, it shall be subject to a fine ranging from NT$100,000 as the minimum to NT$1,000,000 as the maximum for each offense:<br/>1. If it fails to stipulate, amend or implementthe cyber security maintenance planin accordance with Paragraph 2 of Article 16 or Paragraph 1 of Article 17, orviolates the essential items in the cyber security maintenance plan under Paragraph 6 of Article 16 or Paragraph 4 of Article 17.<br/>2. If it fails to submit the report on implementation of the cyber security maintenance plan to the central authority in charge of relevant industry in accordance with Paragraph 3 of Article 16 or Paragraph 2 of Article 17, or fails the requirements with the submittal of the implementation of the cyber security maintenance plan stipulated under Paragraph 6 of Article 16 or Paragraph 4 of Article 17.<br/>3. If it fails the requirements under Paragraph 3 of Article 7, Paragraph 5 of Article 16 or Paragraph 3 of Article 17, unable to submit the improvement reports to the competent authority, the central authority in charge of relevant industry, or violates the regulation with the submitting of the improvement report under Paragraph 6 of Article 16 or Paragraph 4 of Article 17.<br/>4. If it fails to stipulate the reporting and responding mechanism of cyber security incidentin accordance with Paragraph 1 of Article 18, or violates the essential items inthe reporting and responding mechanism under Paragraph 4 of Article 18.<br/>5. If it fails the requirements under Paragraph 3 of Article 18, unable to submit the cyber security investigation, handling and improvement reports regarding cyber security incidents to the central authority in charge of relevant industryor the competent authority, or violate the regulation with the submitting of thereport under Paragraph 4 of Article 18.<br/>6. If it violates the regulation regarding the contents of notification under Paragraph 4 of Article 18.
|