Enterprise can use Big data to make business successfully and competitively in recent years. However more data means more risk. If Enterprise leak personal data, It will cost a lot of cost.The leaked events of Korea Credit Bureau makes many of executives resign in 2014. Personal information Protection Act was implemented formally in 2012. Regardless of organization size will be subject to the Personal Data Protection Act. The organization which protects data improperly might be sentenced to imprisonment for 5 years or $200 million fines. So Enterprise need a personal data protect mechanism to protect personal data, therefore fulfill the obligation of protecting personal data. The study applies the Gowin’s Vee research strategy. In the conceptual side, the literature collecting and studying are based on the approach of Grounded Theory to sort out the management measures. And build up the personal protect mechanism classification framework which is generated from the 4 management domains of BS 10012.Then make sure the management measures discussed in this research are suitable .We apply the Delphi Expert Questionnaires to fix this mechanism and delete a management measure. In the methodological, through interviewing individual case to realize the impact to the implementation of the Personal Information Protection Act in the industry, and take further feasibility evaluation. This research shows that research outcome, the Personal Protection Management Mechanism, Provides organizations a reference and compliance purpose to help them obey the law, reduce the risk litigation, and fulfill the responsibilities of protect personal data.