E-Zone | 完善數據私隱管理框架 免誤墜法網

E-Zone | 完善數據私隱管理框架 免誤墜法網

E-Zone | 完善數據私隱管理框架 免誤墜法網 1200 900 Hugill & Ip
Reading Time: < 1 minute

中小企日常營運中,有不同的路徑,包括電郵與社交網站上收到個人資料,但這也與個人私隱法例管理拉上關係。其中歐盟的通用數據保障(GDPR)法例規定,出現資料外洩或侵害事故後更需在 72 小時內公布,而罰款為公司年度收益 4% 或 2,000 萬歐元,以較高者為準。

  • 收集框架不容擅改
  • 可參考文件範本支援

曾任個人資料私隱專員公署律師,現為高葉律師行合夥人鄧嘉敏律師指出,本地對於數據管理的概念相關弱,到底相關是否需要請專人或建立平台處理,其概念未必清晰。他解釋,每一個數據收集的過程都屬完整生命周期,但案例卻不盡不同,就如會員與服務機構收集資料等,其數據的時序與處理方式有異。特別是在第一步收集個人資料時,要令用戶「被通知」數據可能被取存,讓他們知道需要借此提供服務,更要明言收集資料時的服務框架,內容不能隨便更改。

目前《個人資料(私隱)條例》(下稱條例)已有清晰提及個人資料的定義,而私隱專員公署也有不同的文件範本作支援,鄧嘉敏建議企業儲存資料要由基本與有系統的方式做起,否則業務營運數年規模漸大後,管理數據必定會出現混亂。由於條例屬於原則性的法例,並非針對特定行業而設。他認為就算是中小企的客戶,雖然人力與資源不足,但對於私隱數據管理已有意識。

目前市場上也有提供不同的工作坊,針對包括人力資源、金融服務等。在全球化經濟加上「網絡新日常」的共同衝擊下,如果企業業務持續成長,有機會接觸到其他國家與地區的市場時,更要留意相關法例在不同地方的實施,與合規要求。他指出不單是歐盟,就算是美國內各州分都有不同個人資料法例條文,在此情境下,企業或有需要諮詢當地的專業法律意見,再衡量是否需求提升管理數據的資源與人力。

Synopsis in English

Carmen Tang talks about data privacy management and its pitfalls, which in Hong Kong is still in its infantry stage – differently to what happens in the European Union or North America where local legislation (e.g. the GDPR) is in place making sure that data leakages and infringements are announced, and also punished with hefty fines.

Some progress has been made in Hong Kong and currently businesses are generally better aware of data privacy issues. Workshops and training courses are increasing – in particular in areas like Human Resources and Financial Services – and compliance is becoming of pivotal importance to companies.


The article was originally published on E-Zone

Privacy Preferences

When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Here you can change your Privacy preferences. It is worth noting that blocking some types of cookies may impact your experience on our website and the services we are able to offer.

For performance and security reasons we use Cloudflare
required
Google Analytics tracking code disabled/enabled
Google Fonts disabled/enabled
Google Maps disabled/enabled
video embeds (e.g. YouTube) disabled/enabled
 
View our Privacy Policy
We don't eat shark fin but our website does use cookies, mainly for analytics and provision of content from other websites. Define your Privacy Preferences and agree to our use of cookies. Privacy Policy