| 3.12 |
Without prejudice
to the generality of paragraph 3.11, a data user should not transmit
a copy or image of an identity card, nor invite the transmission to
itself of such copy or image, unless it has taken all reasonably practicable
steps to ensure that no individual will have access to the image or
copy so transmitted except the intended individual recipient or someone
acting on the instructions of such intended recipient. Such steps
should include:
|
3.12.1 |
in the
case of fax or Internet transmission through a public network:
| 3.12.1.1
|
wherever
practicable, the employment of technological safeguards
to ensure secure transmission of the data and to prevent
unauthorized access to the data transmitted; |
| |
|
| Note: |
Some examples
of such technological safeguards currently
available include encryption, fax "padlocks",
"confidential mail boxes", "automatic routing
to a dedicated computer directory", passwords
for access, etc. |
| |
|
| |
and |
| |
|
| 3.12.1.2
|
the
employment of other safeguard of a non-technological
nature, such as the using of a dedicated fax
machine for such transmission and advance
notification of an incoming fax; or |
|
| |
|
| 3.12.2 |
in the case
of sending a copy of an identity card by mail, making
sure that the copy is contained in a sealed envelope
and the image of the identity card is not visible
from the outside. |
|
Notice/
Copyright 2001 Office of the Privacy Commissioner for Personal
Data, Hong Kong. All rights reserved. Disclaimer
