Hong Kong is a special administrative district of the People’s Republic of China. It is a global financial center and a major interconnection hub for digital services.
In the past decade, Hong Kong has made great progress in making a large number of government datasets available to the public. But the city is still behind other Asian economies.
The Hong Kong government is trying to make more of its data open, and the Global Open Data Index (GODI) has improved its rankings from 54th in 2014 to 37th in 2015. In addition, it has recently introduced new regulations for processing data.
However, data security is a huge challenge for Hong Kong. It is also facing an increasingly complicated web of data regulations proposed by Beijing.
To avoid potential pitfalls, it is critical that companies have strong data management practices in place. This is particularly true when dealing with personal data, which is subject to strict privacy rules in Hong Kong.
If a data user engages a processor, that agent or contractor must be licensed under the Personal Data (Privacy) Ordinance. The PDPO sets out what personal data is, the purposes for which it may be used and how it can be protected from unauthorised access, processing, erasure, loss or use.
It also imposes obligations on the data user to ensure that the processor complies with these requirements. If the data user is unsure about the compliance of its processor with these regulations, it should consult the relevant authority.
If a data user engages a data processor outside Hong Kong, the processor must be registered with the Information Privacy Commission of Hong Kong. The ICCH will then verify that the processor meets the relevant data protection and privacy laws. The ICCH will also notify the data user of the results.