Due to developed science and technology, it is easy and fast to collect, process, and use personal data in such an information society now. Personal information has been widely used on the business management. However, the individual rights are violate frequently and can be attributable to personal data collected, processed, and used either illegally or improperly. In order to establish an order of personal data flow and protect individual privacy, how to develop a personal data protection Act to regulate the business is a very important issue. The paper, first of all, describe and analyze the characteristics of personal data protection Act in Japan, which based on consideration of the burden on business and business freedom, to set scope of business and personal data. Moreover Administrative Organs supervise business by Administrative guidance and help them to make self-regulation. By establishing the privacy-mark authentication, corporation can be abided by law voluntarily. Finally, through analyzing and comparing Taiwanese personal data protection Act to that of Japan, the findings of this paper can make a advance proposal for revision draft which is being counseled in the Legislative Yuan.