|
|
|
|
|
|
|
|
|
The Privacy Commissioner for Personal Data,
Hong Kong (“PCPD”) Wins the “Most
Breastfeed-caring Corporate” Award in the “2017 My
Favourite Lactation Room Contest” organised by the Hong Kong
Breastfeeding Mothers’
Association
|
|
|
|
|
The PCPD supports natural parenting, and has
established a breastfeeding friendly workplace since 2016 to
provide an appropriate and friendly environment for its
breastfeeding employees so as to support their choices to continue
breastfeeding when returning to work after delivery.
|
|
|
|
|
|
|
The breastfeeding friendly facilities in the PCPD
office.
|
|
|
|
|
|
|
|
|
Register today to enjoy the Buy
One Get One Free offer exclusively for DPOC members!
(Offer ends 14 August
2017)
|
|
|
|
|
|
|
|
|
PCPD's
New Publication《注意!
這是我的個人資料私隱》
(Watch out! This is my personal data privacy) and "Personal Data
(Privacy) Law in Hong Kong - A Practical Guide on
Compliance
|
|
|
|
|
|
|
|
|
|
|
Professional Workshop on Privacy Management
Programme ("PMP") (6 September 2017)
The results of a recent incident of the massive
data breach by a government department revealed that it is of
paramount importance for organisations to adopt holistic and
encompassing PMP that ensure robust privacy policies and
procedures are in place.
This course will highlight the key features of
“Privacy Management Programme – A Best Practice
Guide”. Participants will be able to understand the baseline
fundamentals and components of a PMP and how to maintain and
improve it on an ongoing basis.
|
|
|
|
|
|
|
|
Think Privacy! Be Smart Online
View the PCPD's educational videos and play the quiz game!
|
Elderly Corner
Be a Smart Elderly! Take control of your personal data, and beware
not to fall into the privacy traps!
|
|
|
|
|
|
|
|
|
The recording of telephone
conversations
The Enquiry
If telephone conversation between the hotline staff of government
departments and members of the public will be recorded, how should
the departments do to comply with the requirements of the Personal
Data (Privacy) Ordinance (the Ordinance)?
|
|
|
|
|
|
|
PCPD's
comment
According to Data
Protection Principle 1 of the Ordinance, a data user shall collect
personal data in a lawful and fair manner. In general, when a call
is connected, a recorded message can be played to inform the caller
that the subsequent conversation may be recorded and state the
purpose of recording. Privacy policies and practices in relation to
the use, processing, retention and security of the personal data so
collected have to be made. Moreover, if a department gathers
telephone records to monitor the service of its staff, it shall
formulate policy on telephone monitoring and ensure that its staff
has been made known of the policy.
|
|
|
|
|
|
|
|
|
|
|
|
|
Q: You found a list of professionals’ contact
information on a public register on the Internet. Can you call
these professionals to promote your organisation’s latest
products?
A. Yes
B. No
The correct answer is B. One’s
personal data can be obtained from the public domain shall not be
taken to mean that he/she has given blanket consent for the use his
personal data for whatever purposes. Data provider’s original
purpose of making the personal data available in the public domain
should be considered. The restrictions, if any, imposed by the data
providers on further uses and the reasonable expectation of
personal data privacy of the data subjects must be
observed.
|
|
|
|
|
Q: When should you provide a
Personal Information Collection Statement (PICS) to your customers
when they do online shopping?
|
|
|
|
|
A. After they have placed the order
B. Before they provide their personal data for transaction
C. After the customer has received the goods
The correct answer is B. Your organisation
must provide the individuals with online PICS before collecting
personal data through the Internet. PICS should be displayed in a
clear and conspicuous manner (e.g. accessible on the same web page
or through a well described link). It should be easy to read and
understand, and its content must be consistent with any printed
version distributed offline.
|
|
|
|
|
Q: Which of the following is a
correct approach if personal data will be collected through mobile
apps?
|
|
|
|
|
A. Provide only the declaration for data accessing
right and no need to provide PICS
B. Provide a hyperlink to an organisation’s existing website
privacy policy statement (PPS)
C. Ensure the PICS and PPS are specific for the individual mobile
apps
The correct answer is C. Your organisation
must clearly display its PPS to its customers before they install
the app. The declaration for data accessing rights of the app
cannot substitute the PICS and PPS. The PPS should address
consumers’ right and obligations, describe what information
is collected, for that purposes it is used and with whom it is
shared.
|
|
|
|
|
|
|
|
|
|
|
Secure Socket Layer
(SSL)
Make good use of SSL to
protect online information.
|
Online Assessment Tool
– Retail
Start
testing your knowledge on how the industry should protect personal
data.
|
Data Breach
Notification
An online page with relevant guidance notes
and functions for submitting data breach notification to the
PCPD.
|
|
|
|
|
|
|
For enquiry, please contact us.
Address: 12/F, Sunlight Tower, 248 Queen's Road East, Wan Chai,
Hong
Kong
Tel: (852) 2877 7171
You are receiving our e-Newsletters because you are a
current member of the DPOC and it is one of the membership
privileges that we provide. If you do not wish to receive them,
please click here to unsubscribe.
|
|
|
|
