PCO Office of the Privacy Commissioner for Personal Data, Hong Kong imagebanner image
Privacy Policy StatementSearchSite DirectoryText Only VersionChinese  
image
About PCPD
image
The Ordinance
image
Review of the Ordinance
image
PCPD Activities
image
Information Centreimage
Privacy Zone for Youngsters (Games)
image
Publications and Videos
image
Enquiries and Complaints
image
Case Notes
image
Contact Us
image
Annual ReportCode of Practice & Explanatory BookletConsultation Document/Report
NewsletterGuidance Note & Fact SheetLeaflet & FormOpinion Survey
OthersInvestigation Report / Inspection ReportInformation Book
image

Publications and Videos
Leaflet & Form
 

Personal Data (Privacy) Ordinance
A Guide For Data Users No. 3
Outline Action Plan For Complying with the Data Protection Principles

ACTION 4 - Ensure Security

Data Protection Principle 4 - security of personal data

  • Implement arrangements for ensuring an adequate level of protection for the personal data you collect, hold, process or use against unauthorised access, processing, erasure or other use.

  • While there are no hard and fast rules on what constitutes an adequate level of security in a particular case, the greater the sensitivity of the data and harm that would be caused by unauthorised access, etc., the higher the level of security should be. In deciding whether your security precautions provide an appropriate level of protection, you should have regard to:

    • the location of the data, for example, whether they are held in an area to which access is restricted;

    • security measures incorporated into the equipment in which the data are held, such as, the use of computer passwords;

    • measures for ensuring the integrity, prudence and competence of persons having access to the data; and

    • measures for ensuring secure transmission.

Previous PageimageNext Page

  imageNotice/ Copyright 2001 Office of the Privacy Commissioner for Personal Data, Hong Kong. All rights reserved. Disclaimer