Given the close integration of cities in the Guangdong–Hong Kong–Macao Greater Bay Area (Greater Bay Area), the demand for data flows between Hong Kong and other cities in the Greater Bay Area is increasing. In addition to enabling the overall digitalisation and economic development of the Greater Bay Area, cross-boundary data flows will expedite the establishment of the “Digital Bay Area”.

Against this background, the Memorandum of Understanding on Facilitating Cross-boundary Data Flow Within the Guangdong–Hong Kong–Macao Greater Bay Area (MoU) was signed by the Cyberspace Administration of China (CAC) and the Innovation, Technology and Industry Bureau of the HKSAR Government (ITIB) in June 2023. As a facilitation measure under the MoU, the CAC, the ITIB and the Office of the Privacy Commissioner for Personal Data (PCPD) jointly formulated the Standard Contract for Cross-boundary Flow of Personal Information Within the Guangdong–Hong Kong–Macao Greater Bay Area (Mainland, Hong Kong) (GBA SC) in December 2023. The GBA SC aims to foster the cross-boundary flow of personal information within the Greater Bay Area and streamline the compliance arrangements.

To help organisations in Hong Kong understand the applicability of the GBA SC and its contractual clauses, the PCPD has issued the “Guidance on Cross-boundary Data Transfer: Standard Contract for Cross-boundary Flow of Personal Information Within the Guangdong–Hong Kong–Macao Greater Bay Area (Mainland, Hong Kong)”.

The PCPD organises this seminar, in which the Government Chief Information Officer ,Ir. Tong Wong, JP, will provide an overview of the facilitation measure of the GBA SC including the relevant filing requirements and an update on the “early and pilot implementation” arrangement of the GBA SC. The Privacy Commissioner for Personal Data, Ms Ada Chung Lai-ling, will explain the scope of application of the GBA SC and the obligations and responsibilities of contracting parties thereunder, and highlight the requirements under the Personal Data (Privacy) Ordinance in transferring personal data from Hong Kong as well as the latest requirements under the Regulations on Facilitating and Regulating Cross-Border Data Flow issued by CAC on 22 March 2024.

We welcome data protection professionals, legal practitioners, and all who are interested to learn about cross-boundary transfers of personal information to join us.

Enrolment is on a first-come-first served basis.

Medical and healthcare records contain sensitive personal data of individuals, and any unauthorised or accidental access, processing, erasure or loss of use of such data may have significant impact or cause harm to the affected individuals.

To help hospitals and organisations in the medical and healthcare sector better protect personal data privacy and enhance data governance, the Office of the Privacy Commissioner for Personal Data (PCPD) has invited the Outstanding Gold Awardees of the PCPD’s “Privacy-Friendly Awards 2023” from the sector to share their practical experience and insights in developing a Personal Data Privacy Management Programme, as well as handling any issues that organisations may encounter in implementing data governance and strengthening data security.

Medical and healthcare professionals, practitioners and providers, data protection officers and others who handle healthcare data in their daily works are welcome to attend.

Enrolment is on a first-come-first-served basis.

In the era of big data, implementing good data governance is essential to organisations in the proper handling of vast amount of personal data, which in turn will help increase the confidence and trust of their stakeholders, as well as enhance the organisation’s reputation. However, one may ask, “How can organisations implement data governance in their daily operations?”

To help organisations better protect personal data privacy and enhance data governance, the Office of the Privacy Commissioner for Personal Data (PCPD) has invited the Outstanding Gold Awardees of the PCPD’s “Privacy-Friendly Awards 2023” to share their practical experience and insights in developing a Personal Data Privacy Management Programme (PMP), as well as rising up to the challenges that organisations may encounter in implementing data governance and strengthening data security.

Legal professionals, compliance officers and data protection officers and others who are interested in enhancing data governance and safeguarding personal data privacy are welcome to attend.

Enrolment is on a first-come-first-served basis.

The Measures on the Standard Contract for Cross-border Transfers of Personal Information (Measures) promulgated by the Cyberspace Administration of China have been effective in the Mainland for more than 4 months since 1 June 2023. How should local enterprises and organisations which conduct businesses in the Mainland prepare themselves in entering into standard contracts for transferring personal information out of the Mainland?

Nova Credit Limited (Nova Credit), one of the credit reference agencies under the Multiple Credit Reference Agencies Model in Hong Kong, is a party to the first approved standard contract filed in the Mainland for the transfer of personal information out of the Mainland.

The Office of the Privacy Commissioner for Personal Data (PCPD) organises this seminar to highlight the major requirements of the Mainland’s Standard Contract and the Measures, and a representative of Nova Credit will share with participants their practical experience in pursuing cross-border transfers of personal information out of the Mainland through standard contracts, including the points to note when going through the approval process.

We welcome data protection professionals, legal practitioners, and all who are interested to learn about cross-border transfers of personal information out of the Mainland to join us.

Enrolment is on a first-come-first-served basis.

This year marks the 5^th anniversary of the implementation of the European Union’s General Data Protection Regulation (GDPR), which came into force on 25 May 2018. Over the past five years, the GDPR has become a benchmark for data protection, reshaping the way in which global businesses and organisations protect and handle personal data privacy.

To reflect on the implementation of the GDPR and how it has influenced global perspectives on data protection practices, the Office of the Privacy Commissioner for Personal Data (PCPD) organises this webinar to discuss the latest regulatory landscape in the EU and the challenges faced by organisations in their personal data protection practices. Our renowned speakers will share their insights on the latest developments of the privacy laws and regulations in the EU, and their practical experience in relation to the implementation and enforcement of the GDPR in the past five years, as well as their views on the challenges faced by organisations.

We welcome data protection professionals, legal practitioners, and all who are interested to learn about the GDPR and personal data privacy to join us.

Enrolment is on a first-come-first-served basis.

With the development and evolution of the internet into the third generation (Web 3.0), digitising business marketing and operation has become the trend. The risks of personal data breaches resulting from cybersecurity vulnerabilities are also increasing. How enterprises and organisations can ensure customer data is properly protected in the Web 3.0 online world, as well as prepare for and respond to any data breach crisis has become an important issue for the management.

The Office of the Privacy Commissioner for Personal Data (PCPD) organises this seminar to help enterprises and organisations understand how to effectively manage cybersecurity risks and data leakage incidents. The seminar will elaborate on the contents of the “Guidance on Data Breach Handling and Data Breach Notifications” newly issued by the PCPD. A cybersecurity expert from the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) will also elaborate on the security risks of Web 3.0 and share best practices for enhancing cybersecurity for Web 3.0 with participants.

Organisations in all sectors which utilise ICT to handle personal data and members of the public with an interest in the topic are welcome to attend.

Enrolment is on a first-come-first-served basis.

The Personal Information Protection Law (PIPL), the first piece of legislation in the Mainland dedicated to the protection of personal information, has been effective since 1 November 2021. What are the challenges faced by enterprises and organisations since the implementation of the law? What are the implications for them in transferring data and personal information out of the Mainland?

In addition, the Measures on the Standard Contract for Cross-border Transfers of Personal Information (Measures) recently promulgated by the Cyberspace Administration of China will come into operation on 1 June 2023. How should the local enterprises and organisations which conduct business on the Mainland prepare themselves in entering into standard contracts for transferring personal information out of the Mainland?

Against this background, the Office of the Privacy Commissioner for Personal Data (PCPD) organises this webinar, at which renowned legal expert and seasoned legal practitioner in the Mainland will explain to participants the latest development and practical experience in relation to the privacy laws and regulations in the Mainland.

Legal professionals and those who have business operations in the Mainland are welcome to attend.

Enrolment is on a first-come-first-served basis.

The Security Assessment Measures on Cross-border Transfers of Data (the Measures) promulgated by the Cyberspace Administration of China (CAC) came into operation on 1 September 2022. The Measures state the security assessment rules for companies with businesses in China that transfer data out of China, with a view to regulating outbound data transfer activities.

To help relevant enterprises or organisations understand the latest developments of the legal requirements on the Mainland with regard to cross-border transfers of personal information, the Office of the Privacy Commissioner for Personal Data (PCPD) organises the webinar on “The Mainland’s Security Assessment Measures on Cross-border Transfers of Data” on 29 September 2022. Legal experts from the Mainland and Hong Kong will discuss the features of the Measures and share practical tips on how enterprises can prepare themselves to comply with the requirements under the Measures.

Legal professionals and those who have business relationships with the Mainland are welcome to attend.

The increased digitisation of data and interconnection of information and communications technology (ICT), together with the increasing value of data, have exacerbated personal data security risks. This is evidenced by the upward trend in the number of data security incidents reported both in Hong Kong and other jurisdictions.

With a view to providing data users with recommendations on data security and useful tips on handling data security incidents in the cyber world, the Office of the Privacy Commissioner for Personal Data (PCPD) organises this webinar to elaborate on the contents of the new “Guidance Note on Data Security Measures for Information and Communications Technology” recently issued by the PCPD. A cybersecurity expert from the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) will also share his insights on how to effectively respond to a data security incident, and highlight the contents of the “Incident Response Guideline for SMEs” recently published by the HKCERT.

Organisations in all sectors which utilise ICT to handle personal data, and members of the public with an interest in the topic are welcome to attend.

The Office of the Privacy Commissioner for Personal Data, Hong Kong, will be hosting the 57^th Asia Pacific Privacy Authorities (APPA) Forum on 12 and 13 July 2022. The virtual forum will also be held as one of the celebratory events of the 25^th Anniversary of the Establishment of the HKSAR.

We cordinally invite our Data Protection Officers’ Club (DPOC) members to join the panel discussion of this remarkable event, entitled “Privacy Issues Arising from Emerging Technologies and the Regulatory Roadmaps”. By focusing on the formidable challenges to personal data privacy arising from emerging technologies, Commissioners or senior representatives from data protection authorities in Australia, Canada, Japan and the United Kingdom, will share valuable insights on whether these technologies are a blessing or a curse, and whether and how these technologies should be regulated. Don’t miss the chance and register now!

Join the DPOC membership to enjoy various privileges throughout the year at https://www.pcpd.org.hk/misc/dpoc/enrol.html!

The webinar is free of charge. Enrolment is on a first-come-first-served basis.

Topic	Privacy Issues Arising from Emerging Technologies and the Regulatory Roadmaps
Date	13 July 2022 (Wednesday)
Time	9:15 am – 10:15 am (HK Time)
Mode	Virtual via Zoom
Fee	Free of charge (For DPOC members)
Accreditation	1 CPD point accredited by the Law Society of Hong Kong
Language	English
Moderator	Ms Ada CHUNG Lai-ling, Privacy Commissioner for Personal Data, Hong Kong
Speakers	Ms Angelene FALK, Australian Information Commissioner and Privacy Commissioner, Office of the Australian Information Commissioner, Australia Dr Gregory SMOLYNEC, Deputy Commissioner Policy and Promotion, Office of the Privacy Commissioner of Canada Mr Yuji ASAI, Commissioner, Personal Information Protection Commission, Japan Mr Stephen BONNER, Executive Director for Regulatory Futures and Innovation, Information Commissioner's Office, The United Kingdom
Application Procedure	Please submit your enrolment by completing the online enrollment page on or before 12 July 2022 (Tuesday) 12:00 noon. You will receive an email by 12 July 2022 (Tuesday) confirming your enrolment.
Deadline for enrollment	12 July 2022 (Tuesday), 12:00 noon
For Enquiry	Tel: 3423 6659 (Ms Ho) / 2877 7152 (Mr Pheng) Email: dpoc@pcpd.org.hk

In this online sharing session exclusively for DPOC members, four award-winning organisations of Privacy-Friendly Award 2021 from different sectors will share their success stories in building a good organisational culture of respecting and protecting personal data privacy, as well as their practical experience in personal data management. The details are as follows:

* Each membership is entitled up to 3 seats. Please submit the application one by one, includiing the DPOC number and attendees’ information.

China’s Cybersecurity Law came into effect in 2017, and has evolved with ongoing draft measures being released over time; with the most updated coming in December 2019. Companies both large and small are impacted so please join us for our China Cybersecurity Law session, co-organised by the office of the Privacy Commissioner for Personal Data (PCPD) and the International Association of Privacy Professionals (IAPP) Hong Kong Chapter. It is our honour to have a distinguished group of subject matter experts to share their insights on the recent developments on legal, regulatory and practical implementation challenges which organisations need to consider.

Date	11 December 2019 (Wednesday)
Time	4:30 pm – 6:00 pm (registration begins at 4:05pm)
Venue	Lecture Room, Office of the Privacy Commissioner for Personal Data, 12/F, Sunlight Tower, 248 Queen's Road East, Wan Chai, Hong Kong
Supporting organisation	The International Association of Privacy Professionals
Keynote Speakers	Mr. Stephen Kai-yi Wong, Privacy Commissioner for Personal Data, Hong Kong Ms. Barbara Li, Partner, Norton Rose Fulbright, Beijing
Panelists	Mr. Stephen Kai-yi Wong, Privacy Commissioner for Personal Data   Ms. Barbara Li, Partner, Norton Rose Fulbright, Beijing   Mr. Allen Ting, Senior Legal Counsel, Huawei Mr. Bernard Tan, Chief Legal Counsel, Data and Cybersecurity, SAP
Event MC and Moderator	Adjunct Professor Jason Lau, Regional Lead and Co-Chair of the International Association of Privacy Professionals; CISO at Crypto.com
Language	English
Target Audience	DPOC members, IAPP members and others who are interested in obtaining updates on China Cybersecurity Law
Agenda	4:30-4:40pm Welcome Address and Event Introduction – by Jason Lau 4:40-5:05pm Sharings on China's Cybersecurity Law; Regulatory and Data Privacy Implications – by Commissioner Wong 5:05-5:30pm China's Cybersecurity Law; Recent Legal Developments and Impact on Businesses – by Ms, Barbara Li       [Panel Discussion] 5:30- 6:00pm What are the practical implementation challenges of the new China Cybersecurity Law? What are some lessons learned so far? 6:00pm Q&A and Networking
Fee	HK$ 350 per person (Standard Price) HK$ 280 per person (DPOC member/ IAPP member)

Photo Gallery

In today’s digitally driven world, cyber and information security is a foundation for business growth and sustainability. However, multiplying cyber threats and attacks, as well as the rapid internet and digital technology changes pose grave risks to privacy and raise serious concerns about personal data protection. Safeguarding information especially personal data becomes inevitable to companies.

This seminar will introduce strategies and solutions to maintain corporate cyber and information management security. It will review the cyber threats driven by artificial intelligence, impersonation risk, and personal cyber credibility reference.

Date	27 November 2019 (Wednesday)
Time	4:00 pm – 5:30 pm (registration begins at 3:45pm)
Venue	Lecture Room, Office of the Privacy Commissioner for Personal Data, 12/F, Sunlight Tower, 248 Queen's Road East, Wan Chai, Hong Kong
Fee	Free of charge
Speakers	Mr Leo TONG, Vice President, Hong Kong Innovative Technology Development Association Mr Bernard LEE, FinTech Committee Member, Hong Kong Innovative Technology Development Association
Language	Cantonese
Target Audience	COO, legal & compliance professionals, operations & IT professionals, and middle-to-senior level executives in all divisions
Outline	How does a sustainable corporate cyber defense contribute to your company? Corporate Information Security Management - Introduction of ISO 26000 and ISO IEC 27001 Threat intelligence and Intelligence-led Cyber Attack Simulation Testing Emerging artificial intelligence driven cyber threats Impersonation risks and cyber credibility

Remarks:

1. Acceptance of enrolment will be notified by email on or before 25 November 2019.
2. Enrolment will be accepted on a first-come-first-served basis. The PCPD reserves the right of final decision.
3. Please note that the PCPD may take photographs and videos during the event. PCPD may use such photographs in PCPD publications.
4. Personal Information Collection Statement: Personal data provided in this form will be used for the purpose of carrying out the above-mentioned event. You have the right to request access to and correction of your personal data held by the PCPD. You should make your data access request by completing the Data Access Request Form (OPS003) and sending the completed Form directly to the Data Protection Officer of the PCPD by fax (2877 7026), by email at enquiry@pcpd.org.hk or in person or by mail to the PCPD, Room 1303, 13/F, Sunlight Tower, 248 Queen's Road East, Wan Chai, Hong Kong.

In today’s digital era, internet and digital technologies have transformed the world. The use of technologies plays an important role in different fields and industries. It has brought about significant changes to the scale and way personal data is collected, processed and used, at the same time posing challenges to personal data privacy protection.

This seminar, exclusively for DPOC members, will examine technology risks and common cyberattacks that threaten safety of personal digital identity. It will also review impersonation risk, personal cyber credibility reference, and solutions.

Date	15 October 2019 (Tuesday)
Time	4:00 pm – 5:30 pm (registration begins at 3:45pm)
Venue	Lecture Room, Office of the Privacy Commissioner for Personal Data, 12/F, Sunlight Tower, 248 Queen's Road East, Wan Chai, Hong Kong
Fee	Free of charge
Speakers	Mr Leonard Chan, President, Hong Kong Innovative Technology Development Association Mr Leo Tong, Vice President (Professional Development), Hong Kong Innovative Technology Development Association
Language	Cantonese
Target Audience	Chief Operating Officers, legal & compliance professionals, operations & IT professionals, and middle-to-senior level executives
Outline	Personal cyber security landscape Online security tips Selected technology risks and common cyberattacks Digital identity & profile Impersonation risk and cyber credibility

* Each membership is entitled to 2 seats. If applying for 2 seats, please submit 2 applications.

Remarks:

1. Acceptance of enrolment will be notified by email on or before 14 October 2019.
2. Enrolment will be accepted on a first-come-first-served basis. The PCPD reserves the right of final decision.
3. Please note that the PCPD may take photographs and videos during the event. PCPD may use such photographs in PCPD publications.
4. Personal Information Collection Statement: Personal data provided in this form will be used for the purpose of carrying out the above-mentioned event. You have the right to request access to and correction of your personal data held by the PCPD. You should make your data access request by completing the Data Access Request Form (OPS003) and sending the completed Form directly to the Data Protection Officer of the PCPD by fax (2877 7026), by email at enquiry@pcpd.org.hk or in person or by mail to the PCPD, Room 1303, 13/F, Sunlight Tower, 248 Queen's Road East, Wan Chai, Hong Kong.

The Symposium on “Data Ethics in Action”, the flagship event of DPOC’s new membership year 2019-20.

In today’s digital age, data is captured and analysed through a collection of infrastructure, analytics and applications. While we are all well aware of the enormous benefits brought by big data analytics, artificial intelligence and machine learning, they also pose unprecedented challenges to the existing regulatory framework in data protection, emerging from uninformed behavioural tracking or profiling, data breach, electronic surveillance and interception.

The PCPD strongly believes that in addition to compliance with the legislation, organisations should also be held to a higher ethical standard that meets the stakeholders’ expectations. Data ethics and stewardship can therefore bridge the gap between legal requirements and stakeholders’ expectations.

Speakers from relevant professions and industries have shared their insights and experience concerning how their organisations have developed their Privacy Management Programme and adopted data ethics to give individuals more confidence that their interests in data privacy are being protected and nurture a good privacy culture in our society.

Date	9 May 2019 (Thursday)
Time	2:30 pm – 5:15 pm (registration starts at 2:15pm)
Venue	United Conference Centre 10/F, United Centre, 95 Queensway, Admiralty, Hong Kong
Fee	Free of charge (for DPOC members and invited stakeholders ; by invitation only)
Language	Cantonese (presentation materials in English)
Agenda		Registration starts at 2:15 pm
	2:30 pm – 2:45 pm	Opening Remarks by Mr Stephen Kai-yi WONG, Privacy Commissioner for Personal Data, Hong Kong
	2:45 pm – 3:10 pm	"The Data Agenda of Tech Start-ups" Presentation by Mr Albert WONG Hak-keung, Chief Executive Officer, Hong Kong Science & Technology Parks Corporation
	3:10 pm – 3:35 pm	"A matter of trust: HSBC’s work in relation to strengthening data protection in the digital age" Presentation by Ms Diana Cesar, Chief Executive, Hong Kong, The Hongkong and Shanghai Banking Corporation Limited
	3:35 pm – 3:45 pm	Group photo (Privacy Commissioner, the speakers and other guests)
	3:45 pm – 4:05 pm	Networking and refreshment
	4:05pm – 4:30 pm	"The critical role of trust in financial inclusion and data privacy" Presentation by Mr Sunny CHEUNG Yiu-tong, Chief Executive Officer, Octopus Holdings Limited
	4:30 pm – 4:50 pm	Panel Discussion Moderator: Mr Eric Tse, Assistant Privacy Commissioner for Personal Data (Complaints, Communications & Education) Panelists: (1) Mr Albert WONG Hak-keung, Chief Executive Officer, Hong Kong Science & Technology Parks Corporation (2) Mr Sunny CHEUNG Yiu-tong, Chief Executive Officer, Octopus Holdings Limited (3) Mr Tony LAM, Deputy Privacy Commissioner for Personal Data, Hong Kong
	4:50 pm – 5:05 pm	Q&A
	5:05 pm – 5:15 pm	Conclusion by Mr Stephen Kai-yi WONG, Privacy Commissioner for Personal Data, Hong Kong

今時今日，科技及創意讓中小企得以發展出很多嶄新的營商模式。在營運過程中，中小企無可避免會收集及使用客戶及員工的個人資料；與此同時，客戶對個人資料 私隱保障的期望則與日俱增。中小企遵從《個人資料（私隱）條例》的規定，除了可以避免誤墮法網，個人資料獲妥善保存及管理，還可以增強客戶對 中小企的信任、提升其商譽及競爭優勢。

本講座將以公署的《資料保障．利便營商 － 給中小企的綱領提示》指引資料為藍本，為中小企提供保障客戶個人資料的實用建議。

日期	2018年12月17日(星期一)
時間	下午三時半至五時正
地點	灣仔皇后大道東248號陽光中心12樓 個人資料私隱專員公署會議室
講者	個人資料私隱專員公署代表
語言	粵語
對象	中小企代表，或希望了解中小企如何保障客戶個人資料的人士
費用	免費
內容	妥善處理客戶個人資料 產品或服務推廣 人力資源管理方面事宜 安裝閉路電視 外判個人資料的處理 在香港以內/外營運網上業務或服務 資料外洩事故的處理 建立私隱管理系統
支持機構	工業貿易署中小企業支援與諮詢中心

The office of the Privacy Commissioner for Personal Data, Hong Kong (PCPD) launched the Privacy Management Programme (PMP) in 2014 and has since advocated that organisations should develop their own PMP in handling personal data. Constructing a comprehensive PMP not only can build trust with customers, but also enhance the organisation’s reputation as well as competitiveness.

The PCPD has recently issued the “Best Practice Guide on Privacy Management Programme” (the Guide), which is a “2.0 version” of the 2014 issue. This seminar will take you through the concrete examples, charts, templates of questionnaire and checklist in the Guide to help you construct a comprehensive PMP in your organisation.

Date	31 October 2018 (Wednesday)
Time	3:30 pm to 5:00 pm (registration starts at 3:15 pm)
Venue	*Conference Room, PCPD, 12/F, Sunlight Tower, 248 Queen's Road East, Wanchai, Hong Kong *newly refurbished
Fee	Free of charge (for DPOC members only)
Medium of Instruction	Cantonese (presentation materials are in English)
Speaker	Ms Natalie POON Senior Personal Data Officer, PCPD
Take-aways	What is PMP Benefits of PMP How to develop your own PMP (Subject to modification)

This Welcome Reception cum Lunch Talk is one of the major events of the PAW 2018. As a DPOC member, you are cordially invited to join this event at no charge.

Social networks are rapidly evolving, and so is the mode of engagement with social networks by organisation to advance their business interests. On the other hand, because of the scale and complexity of social networks, security and privacy become critical issues when using social networks. Chairman of the Hong Kong Association of Interactive Marketing (HKAIM) will share insights in data protection when carrying out social media marketing. The PCPD will also speak from the regulator perspective on the subject.

Date	10 May 2018 (Thursday)
Time	12:30 pm to 2:00 pm
Venue	Multi-function Hall I, 25/F, The Hong Kong Federation of Youth Groups Building 21 Pak Fuk Road, North Point, Hong Kong (Exit C of Quarry Bay MTR Station)
Fee	Free of charge (for DPOC members only)
Medium of Instruction	Cantonese (presentation materials are in English)
Agenda	12:30 pm – 12:50 pm	Sandwich Lunch (Registration starts at 12:20 pm)
	12:50 pm – 1:10 pm	Welcome Remarks Mr Stephen Kai-yi WONG Privacy Commissioner for Personal Data, Hong Kong
	1:10 pm – 1:30 pm	Privacy and Social Media Mr Brad KWOK Senior Personal Data Officer, PCPD
	1:30 pm – 1:50 pm	Privacy in Social Media Communication Mr Ralph SZETO Chairman, HKAIM
	1:50 pm – 2:00 pm	Q&A

The European Union General Data Protection Regulation (GDPR) will come into effect on 25 May 2018. Corporations and organisations that process and/or transfer personal data relating to EU employees should be aware that they are likely going to be subject to the requirements of the GDPR.

This talk aims at assisting employers in understanding the new requirements in the EU GDPR as compared with the Personal Data (Privacy) Ordinance (PDPO), and how employers may prepare themselves for these new requirements, if applicable.

The European Union's General Data Protection Regulation (GDPR) will come into effect on 25 May 2018. Corporations and organisations in Hong Kong that offer goods or services to individuals in the European Union (EU), or monitor the behaviour of individuals in the EU should be aware that they are likely going to be subject to the requirements of the GDPR.

This talk aims at assisting members in understanding the new requirements in the EU GDPR as compared with the Personal Data (Privacy) Ordinance (PDPO), and how members may prepare themselves for these new requirements, if applicable.

在依從《個人資料（私隱）條例》的條文規定時，你曾否遇到難以明白的地方？其實每天在社會發生的事，很多都與個人資料私隱有關。為了讓大眾（包括大、中、小、微型企業和機構）明暸條例的要旨，香港個人資料私隱專員於本年7月出版了《注意！這是我的個人資料私隱》，以淺白的語言，並附以具啟發性的個案，闡述條例的主要規定。本講座將以此書為藍本，並透過多個近年受傳媒廣泛報道的真實個案以及書中的例子分享，向會員解釋條例的重要內容及分享錦囊。有興趣的會員，請將已填妥的回條於2017年11 月22日或之前電郵至 dpoc@pcpd.org.hk。

日期及時間	2017年11月27日（星期一）上午十時至中午十二時
地點	灣仔皇后大道東248號陽光中心13樓1301室 個人資料私隱專員公署會議室
語言	粵語
講者	陳培玲小姐 個人資料私隱專員公署傳訊及教育經理
對象	希望掌握條例基本認識及應用的會員及其僱員
內容	條例保障的「個人資料」 六項保障資料原則的要求 豁免情況 個別範疇的私隱疑難解碼 問答時段

This Welcome Reception cum Lunch Talk is one of the major events of the PAW 2017. As a DPOC member, you are cordially invited to join this event at no charge.

Recently there has been numerous media reports on the loss of portable storage devices (PSDs) containing personal information, arousing public concern on the subject. PSDs such as USB drives or notebook computers provide a convenient means to store and transfer personal data. However, privacy could easily be compromised if the use of these devices is not supported by adequate data protection policy and practice. Representative of the PCPD will share with members on the smart use of PSDs from data protection perspective and how should a data breach be handled.

Date	9 May 2017 (Tuesday)
Time	12:30 pm to 2 pm
Venue	Multi-function Hall I, 25/F, The Hong Kong Federation of Youth Groups Building 21 Pak Fuk Road, North Point, Hong Kong (Exit C of Quarry Bay MTR Station)
Fee	Free of charge (for DPOC members only)
Medium of Instruction	Cantonese (presentation materials are in English)
Agenda
	12:30 pm – 12:55 pm	Sandwich Lunch (Registration starts at 12:20 pm)
	12:55 pm – 1:15 pm	Welcome Remarks Mr Stephen Kai-yi WONG Privacy Commissioner for Personal Data, Hong Kong
	1:15 pm – 1:50 pm	Smart Use of Portable Storage Devices and Data Breach Handling Ms Carol CHAN Manager (Communications and Education)
	1:50 pm – 2:00 pm	Q&A

The evolving Information and Communication Technology has brought us convenience and opportunities in business development, but at the same time encourages lawbreakers to make use of technology to commit crimes. Large corporations and small-and-medium enterprises are facing the same threat brought by technology crime and could suffer from it.

We are pleased to have invited one of our DPOC corporate members, Hong Kong Police Force, to share with members the trend of technology crime and prevention tips.

Date	30 March 2017 (Thursday)
Time	12:30 pm to 2 pm
Venue	Multi-function Hall I 25/F, The Hong Kong Federation of Youth Groups Building 21 Pak Fuk Road, North Point, Hong Kong (Exit C of Quarry Bay MTR Station)
Speaker	Mr CHUNG Wai-lun Cyber Security and Technology Crime Bureau Hong Kong Police Force
Fee	Free of charge (for DPOC members only)
Medium of Instruction	Cantonese
Agenda
	12:30 pm – 1:00 pm	Registration and Sandwich Lunch
	1:00 pm – 1:45 pm	Trend on Technology Crime and Crime Prevention
	1:45 pm – 2:00 pm	Q&A

In this data driven economy, it is of paramount importance that organisations are aware of and compliant with the Personal Data (Privacy) Ordinance. With a view to providing members and their staff members with an opportunity to acquire basic knowledge of the Ordinance, an introductory seminar will be held on 22 December 2016.

Lunch Talk – Learning from the Administrative Appeals Board’s Decisions

The Administrative Appeals Board (“AAB”) is an independent statutory body that hears and determines appeals lodged against the Privacy Commissioner’s decisions. AAB may confirm, vary or reverse the Privacy Commissioners’ decisions.

Legal Counsel of the PCPD will share recent AAB cases with members with a view to providing some insights into the application of the Personal Data (Privacy) Ordinance by the AAB.

Date:	7 December 2016 (Wednesday)
Time:	12:30 – 2:00 pm
Venue:	Conference Room, Privacy Commissioner for Personal Data, Hong Kong Room 1301, 13/F, Sunlight Tower, 248 Queen’s Road East, Wanchai, Hong Kong
Fee:	Free of charge (for DPOC members only)
Language:	Cantonese (Materials are in English)
Agenda:	12:20	Registration starts
	12:30 – 1:00 pm	Sandwich lunch
	1:00 – 1:45 pm	Learning from the Administrative Appeals Board’s Decision Speaker: Ms Cindy CHAN Legal Counsel of the PCPD
	1:45 – 2:00 pm	Q&A

Privacy Awareness Week 2016 (PAW 2016)
Lunch Talk – Sharing on recent direct marketing conviction cases

This Welcoming Reception cum Lunch Talk is to be held to coincide with the PAW 2016. As a DPOC member, you are cordially invited to join this event at no charge.

The new direct marketing provisions under the Personal Data (Privacy) Ordinance took effect on1 April 2013. These provisions impose tighter regulation on the use and provision of personal data in direct marketing with much heavier penalties in case of contravention. The lunch talk will share with members on the recent conviction cases and highlight the requirements of new direct marketing regime.

Date:	5 May 2016 (Thursday)
Time:	12:30 – 2:00 pm
Venue:	25/F, Multi-function Hall I Hong Kong Federation of Youth Groups Building, 21 Pak Fuk Road, North Point
Language:	Cantonese (presentation materials are in English)
Fee:	Free of charge (for DPOC members only)
Agenda:	12:30 – 12:55 pm	Sandwich lunch (Registration starts at 12:20pm)
	12:55 – 1:00 pm	Welcome remarks Mr Stephen Kai-yi WONG Privacy Commissioner for Personal Data, Hong Kong Office of the Privacy Commissioner for Personal Data, Hong Kong
	1:00 – 1:50 pm	Sharing on recent conviction cases on direct marketing Ms Carol CHAN Manager (Corporate Communications) Office of the Privacy Commissioner for Personal Data, Hong Kong
	1:50 – 2:00 pm	Q&A

Sharing Session on Information Security and Data Privacy

The Office of the Privacy Commissioner for Personal Data initiated investigations into some major data leakage incidents in 2015. The incidents involve voluminous personal data and are largely attributed to the internet security issues.

The following session is organised for members to share their insights into issues concerning Information Security and Data Privacy.

Date:	11 March 2016 (Friday)
Time:	11:00 am to 12 noon
Venue:	Conference Room, Office of the Privacy Commissioner for Personal Data Room 1301, 13/F, Sunlight Tower, 248 Queen’s Road East, Wanchai, Hong Kong
Language:	English
Speaker:	DPOC Corporate Member – PricewaterhouseCoopers Representatives: Ms Jennifer HO, Partner Mr KOK Tin Gan, Partner Ms Kristine CHUNG, Senior Manager
Fee:	Free of charge (for DPOC members only)
Agenda:	10:45 am – 11:00 am	Registration
	11:00 am – 11:45 am	Sharing by PwC Results from the Global State of Information Security Survey 2016 Data privacy update, common issues / concerns Showcase of the “Game of Threats”
	11:45 am – 12:00 noon	Q&A

Lunch Talk Series
Meeting with the Privacy Commissioner for Personal Data cum
a Briefing on “Cloud Computing”

Mr Stephen Kai-yi WONG took office on 4 August 2015 as the Privacy Commissioner for Personal Data for a term of five years. One of Mr Wong’s priorities upon taking the Office is to cultivate a culture in the community whereby all stakeholders would respect the others’ privacy rights and expectations. Mr Wong shared members with his views on Protect, Respect Personal Data.

The PCPD also took this opportunity to brief members of the recently revised leaflet on Cloud Computing. This leaflet highlights the importance for an organisation to fully assess the benefits and risks of engaging cloud computing and understand the implications for safeguarding personal data privacy.

Date:	3 November 2015 (Tuesday)
Time:	12:30 – 2:00 pm
Venue:	25/F, Multi-function Hall I Hong Kong Federation of Youth Groups Building 21 Pak Fuk Road, North Point
Language:	Cantonese
Fee:	Free of charge (for DPOC members only)
Agenda :	12:30 – 12:55 pm	Sandwich lunch (Registration starts at 12:20pm)
	12:55 – 1:00 pm	Introduction
	1:00 – 1:20 pm	Protect, Respect Personal Data Mr Stephen WONG Privacy Commissioner for Personal Data Office of the Privacy Commissioner for Personal Data
	1:20 – 1:45 pm	Briefing on Cloud Computing Dr Henry CHANG Information Technology Advisor Office of the Privacy Commissioner for Personal Data
	1:45 – 2:00 pm	Q&A

The Office of the Privacy Commissioner for Personal Data Hong Kong (“PCPD”) has advocated that organisations should embrace personal data privacy protection as part of their corporate governance responsibilities and apply it as a top-down business imperative throughout the organisation. In this connection, in April 2015 the PCPD collaborated with Nymity, a global privacy research company, to conduct an Accountability Benchmarking Study. This Study examines how organisations in Hong Kong implement privacy management activities in an accountability approach beyond compliance.

At the workshop, participants can gain insight from the aggregated benchmarking results of the “Hong Kong Accountability Benchmarking Study” and the analysis of the privacy management programmes for several Hong Kong organisations. The Study will also help to answer questions such as: "How does my privacy programme measure up compared to others?", "In which privacy activities do I invest? " and "What are the most implemented privacy initiatives and activities in other organisations?"

Photo Gallery

This Welcoming Reception cum Lunch Talk “Privacy by Design and Personal Data Protection” is to be held to coincide with the PAW 2015.

Privacy by Design promotes embedding privacy as the default into the design, operation and management of ICT systems, across the entire information life cycle. It seeks to make privacy integral to organisational priorities, project objectives and work standards. A representative from Microsoft Hong Kong will share their experience on this aspect. Information Technology Advisor of the PCPD will also talk about Privacy by Design and Personal Data Protection.

Date:	7 May 2015 (Thursday)
Time:	12:30 to 2:00 pm
Venue:	25/F, Multi-function Hall I Hong Kong Federation of Youth Groups Building, 21 Pak Fuk Road, North Point
Language:	Cantonese (presentation materials are in English)
Fee:	Free of charge (for DPOC members only)
Medium of Instruction:	Cantonese
Rundown:	12:30 – 12:50 pm	Sandwich lunch (Registration starts at 12:20 pm)
	12:50 – 1:00 pm	Welcome remarks
	1:00 – 1:30 pm	How Microsoft is taking Privacy by Design to work Speaker: Mr Alan CHAN National Technology Officer Microsoft Hong Kong
	1:30 – 1:45 pm	Privacy by Design and Personal Data Protection Speaker: Dr Henry CHANG Information Technology Advisor Office of the Privacy Commissioner for Personal Data
	1:45 – 2:00 pm	Q&A

Photo Gallery

Have you ever encountered difficulties in handling data access request (DAR) and had doubt about how much should an organisation charge for handling a DAR?

This lunch talk will highlight some concerns when an organisation handles a DAR. Relevant complaints and Administrative Appeals Board’s cases will be shared.

Date:	24 March 2015 (Tuesday)
Time:	12:30 to 2 pm
Venue:	Conference Room, Office of the Privacy Commissioner for Personal Data Room 1301, 13/F, Sunlight Tower, 248 Queen’s Road East, Wanchai, Hong Kong
Fee:	Free of charge (for DPOC members only)
Medium of Instruction:	Cantonese
Rundown:	12:20 pm	Registration starts
	12:30 – 1:00 pm	Sandwich lunch
	1:00 – 1:45pm	Handling of Data Access Request and Charging of Data Access Request Fee Speaker: Mr Vincent NG Senior Personal Data Officer of the PCPD
	1:45 – 2:00pm	Q&A

Photo Gallery

Lunch Talk Series
Optimising Social Networks for Business with Privacy Protection in Mind

Social networks are rapidly evolving and developing, and so is the mode of engagement with social networks by organisations to advance their business interests.

This lunch talk will highlight some privacy concerns when using social networks by organisations. Representative of Facebook will also share with members about their experience in personal data protection.

Date:	22 December 2014 (Monday)
Time:	12:30pm - 2:00pm
Venue:	Conference Room, Office of the Privacy Commissioner for Personal Data Room 1301, 13/F, Sunlight Tower, 248 Queen’s Road East, Wanchai, Hong Kong
Fee:	Free of charge (for DPOC members only)
Medium of Instruction:	Cantonese
Rundown:	12:20 pm	Registration starts
	12:30 pm	Sandwich lunch
	1:00 – 1:30pm	Privacy at Facebook: Building trust through connection Speaker: Mr Andrew WONG, Head of Agency/Reseller – Greater China, Facebook
	1:30 – 1:45pm	Privacy concerns when using social networks Speaker: Ms Carol CHAN, Corporate Communications Manager, PCPD
	1:45 – 2:00pm	Q&A

Photo Gallery

Briefing and sharing on Privacy Management Programmes
A Strategic Shift from Compliance to Accountability

Office of the Privacy Commissioner for Personal Data (PCPD) has been advocating that organisations should make personal data protection part of their corporate governance responsibilities and implement it throughout their organisations using a top-down approach. In February 2014, the Hong Kong Special Administrative Region Government, together with twenty five companies from insurance sector, nine companies from the telecommunications sector and five organisations from other sectors, all pledged to implement PMP. To assist organisations implementing this concept, PCPD also released “Privacy Management Programme: A Best Practice Guide”. The Guide outlines the building blocks of PMP. (www.pcpd.org.hk/pmp)

This session will enable members to understand the baseline fundamentals and components of a PMP and how to maintain and improve it on an ongoing basis. A representative from Octopus will also share their experience in personal data protection.

Date:	28 May 2014 (Wednesday)
Time:	10:30 am to 12 noon
Venue:	Admiralty Conference Centre - 1804B, Tower 1, Admiralty Centre, 18 Harcourt Road, Admiralty, Hong Kong Room 1301, 13/F, 248 Queen’s Road East, Wanchai, Hong Kong
Fee:	Free of charge (for DPOC members only)
Medium of Instruction:	Cantonese
Content	Session 1 - Briefing on “Privacy Management Programme: A Best Practice Guide” Speaker: Ms Nicola TANG, Senior Data Protection Officer of PCPD
	Session 2 - Experience sharing in personal data protection Speaker: Mr Otto YAM, Data Protection Officer of Octopus

Photo Gallery

Privacy Awareness Week (PAW 2014) -
DPOC Welcoming Reception cum Seminar
8 May 2014 (Thursday)
(Exclusive for DPOC members only)

The Welcoming Reception cum Seminar is to be held to coincide with the Privacy Awareness Week.

Date:	8 May 2014 (Thursday)
Time:	3:00 pm – 5:30 pm
Venue:	25/F, Multi-function Hall I Hong Kong Federation of Youth Groups Building, 21 Pak Fuk Road, North Point
Language:	Cantonese
Agenda:	3:00 pm – 3:25 pm	Refreshments
	3:25 pm – 3:30 pm	Welcome remarks and activities update
	3:30 pm – 5:30 pm	Seminar on “Developing Mobile Apps with Privacy Protection in Mind” Speaker: Dr Henry CHANG Information Technology Advisor Office of the Privacy Commissioner for Personal Data

Photo Gallery

Workshop on Preparing Personal Information Collection Statement and Privacy Policy Statement

The PCPD issued the “Guidance on Preparing Personal Information Collection Statement and Privacy Policy Statement” on 29 July 2013. In essence, a Personal Information Collection Statement (“PICS”) notifies the data subjects on matters in relation to the collection of personal data. A Privacy Policy Statement (“PPS”) includes the data user’s policies and practices on the collection and use of data; data retention; data security; handling of data breach, requests for data access and correction. The PICS and PPS are required under the Data Protection Principles.

Date:	9 December 2013 (Monday) / 14 January 2014 (Tuesday)
Time:	9.30am – 11.30am / 2:30pm – 4:30pm
Venue:	Conference Room, Office of the Privacy Commissioner for Personal Data Room 1301, 13/F, Sunlight Tower, 248 Queen’s Road East, Wanchai, Hong Kong
Fee:	Free of charge (for DPOC members only)
Medium of Instruction:	Cantonese (Materials will be in English)
Content:	I. Guidance on Preparing PICS and PPS What are PICS and PPS Details required in PICS and PPS Recommended good practices when preparing PICS and PPS II. Group Discussion / Q&A