Skip to content

Case Notes

Case Notes

 
Case No.:2022C05 New!
Restaurants took inadequate security measures to protect customers’ information – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4
Case No.:2022C04 New!
Staff of a property management company disclosed the personal data of residents when using recycled paper – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4
Case No.:2022C03 New!
A telecommunications company accepted a HKID Card that had been declared lost by a customer – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4
Case No.:2022C02 New!
An employer posted a list containing the personal data of staff who were to undergo virus testing – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4, Human Resources
Case No.:2022C01 New!
Staff of a public transport company was doxxed – section 64 of the PDPO – disclosure of personal data... <more>
Areas of Concern:Section 64
Case No.:2021E02 New!
This case related to provisions on direct marketing... <more>
Areas of Concern:Direct Marketing
Case No.:2021E01 New!
This case related to DPP1 - Purpose and manner of collection of personal data, DPP3 - Use of personal data and Code of Practice on Human Resource... <more>
Areas of Concern:DPP1, DPP3, Human Resources
Case No.:2021DB04 New!
Unencrypted personal data transmitted in mobile applications – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4
Case No.:2021DB03 New!
Loss of notebook computer containing work files – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4
Case No.:2021DB02 New!
Inadvertent disclosure of students’ personal data via email by a university – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4
Case No.:2021DB01 New!
Unauthorised access to an international fashion chain’s customer personal data system – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4
Case No.:2021C04 New!
Unfair audio-recording of conversations with a subordinate by a supervisor – DPP 1 – collection of personal data... <more>
Areas of Concern:DPP1, Human Resources
Case No.:2021C03 New!
A hospital collected the time spent by a doctor on wards rounds and the number of patients he attended to, without prior notification – DPP 1–col... <more>
Areas of Concern:DPP1
Case No.:2021C02 New!
Disclosure of a customer's payment information to a third party by a travel agency – DPP 3 – use of personal data... <more>
Areas of Concern:DPP3
Case No.:2021C01 New!
Accessing a patient's electronic health record for non-medical purposes – DPP 3 – use of personal data... <more>
Areas of Concern:DPP3
Case No.:2020E04 New!
This case related to DPP1 - Purpose and manner of collection of personal data, DPP5 - Information to be generally available, Code of Practice on ... <more>
Areas of Concern:DPP1, DPP5, Human Resources, Monitoring
Case No.:2020E03 New!
This case related to DPP1 - Purpose and manner of collection of personal data... <more>
Areas of Concern:DPP1
Case No.:2020DB02 New!
A staff member transferred personal data held by his employer to his personal computer without authorisation – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4
Case No.:2020DB01 New!
Unauthorised access of personal data held by public schools via a web-based application system – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4
Case No.:2019DB03 New!
Recruitment platform wrongfully sent out emails containing CV information – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4
Case No.:2019DB02 New!
Unauthorised circulation of confidential documents containing personal data in social media network – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4
Case No.:2019DB01 New!
Personal data collection in shopping mall membership programmes and online promotion activities – DPP 1 – purpose and manner of collection of per... <more>
Areas of Concern:DPP1
Case No.:2018DB03 New!
Websites without secure transmission of personal data – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4
Case No.:2018DB02 New!
Travel agencies’ customer databases being hacked – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4
Case No.:2017DB02 New!
IT system containing over 11,000 unencrypted patients’ records being hacked – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4
Case No.:2016DB04 New!
Online food ordering records leaked to the Internet involving 62,539 customers – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4
Case No.:2016DB03 New!
Data leakage via a phishing email involving 6,131 members of an institute – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4
Case No.:2016DB02 New!
Unauthorised download of 210,000 customers’ personal data by a contractor – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4
Case No.:2016DB01 New!
Credit card data of 11,655 Hong Kong customers hacked by a zero-day malware – DPP 4 – security of personal data... <more>
Areas of Concern:DPP4