In 2009, Criminal Investigation Bureau 165 anti-fraud hotline statistics indicate that internet shopping frauds due to leakage of personal information were ranked first, accounting for 35% of frauds, indicating a serious problem of personal information leakage. After the Personal Information Protection Act third reading passed, if organization uses personal information illegally that will face high claims payments, criminal liability and other issues. To reduce impact from the Personal Information Protection Act, Organizations may need to begin to plan and implement relevant for the protection of personal information.This research is used the method of questionnaire survey, analysis of the status of personal information protection in organizations. Organization goodwill impairment is found in most organizations are concerned about the impact from accidental personal information leakage. But small and medium-sized enterprises and non-profit organizations are concerned about required to prove organizational without intention or negligence of personal information leakage problems more than organization goodwill impairment. Assess the organizational personal information management system base on "Plan", "Do", "Check", "Act", four phases of BS 10012, through analysis to provide 10 types of organizations priority advices on strengthen phase, such as "information services industry" and "financial services industry" in the "plan" phase, "government departments" in the "Do" phase, "non-profit organizations" in the "Check" phase, and "telecommunications industry" in the "Act" phase. Strengthening Lack of personal information management system will enable to reduce impact from the Personal Information Protection Act.