Description

Adopted Guideline to Strengthen Data Security

On 22 September 2023, the Office of the Privacy Commissioner for Personal Data (PCPD) issued a guideline to strengthen organisational data security measures in response to recent cyber attacks resulting in personal data leaks. These guidelines emphasise the necessity of regular data security assessments and the implementation of comprehensive security measures including secure network systems, consistent vulnerability assessments, effective patch management, data encryption, and diligent database management. The PCPD also highlighted the importance of compliance with the Personal Data (Privacy) Ordinance, particularly Data Protection Principle 4. For small and medium enterprises (SMEs), the PCPD has established a specialised hotline and email service offering guidance on PDPO compliance.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Data protection regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
executive
Government Body
data protection authority

Complete timeline of this policy change

Hide details
2023-09-22
adopted

On 22 September 2023, the Office of the Privacy Commissioner for Personal Data (PCPD) issued a guid…