With the advancement of science and technology and the popularization of the Internet, most people can find relevant information on the Internet. The security of data should be protected and classified to avoid leaking personal data or company secrets, causing personal damage and economic losses. News reports often say that such and such hospitals, such and such public institutions or companies are handling the littering of medical records or company documents, failing to follow the SOP process, leaking the privacy of patients or important company secrets, and being taken by someone to do bad things, causing money loss. This article discusses the personal information law, how to deal with the traditional machinery industry, so that the industry is willing to cooperate in the protection of personal data. This article regards a form as a data protection unit, and uses quantitative concepts to calculate the relevant fields of personal data on the form into a risk value data. The industry can do a good job of data protection according to the size of the risk value data of each form.