The Office of the Privacy Commissioner for Personal Data (PCPD) is an independent body set up to monitor, supervise, promote and enforce compliance with the provisions of the Personal Data (Privacy) Ordinance (PDPO) (Cap. 486) which came into force on 20th December, 1996.
Vision, Mission and Values
Vision
To develop and promote a culture of protection of and respect for individual's privacy in relation to personal data.
Mission
-
To promote the protection and respect for personal data privacy through publicity and education
-
To facilitate lawful and responsible use of personal data by providing guidance and best practices
-
To monitor and supervise compliance through effective enforcement
-
To maintain the efficacy of the regulatory regime through continuous review and enhancement, taking into account global standards for the protection of personal data privacy
Values
Respect
-
Respect others' personal data privacy
Integrity
-
Acting fairly and professionally
Innovation
-
Embrace technological, social and economic developments
Independence
-
Independent from the Government and other bodies
Excellence
-
Striving for the best results and highest standards
Strategies and Key Goals
Enforcement
|
Strategies |
Key Goals |
-
To ensure equity, fairness and operational efficiency
-
To act independently, impartially and without fear or favour
-
To partner with other regulators, leveraging their legislative mandates, institutional tools and enforcement powers
-
To partner with overseas data protection authorities for handling cross-border privacy issues and complaints
|
-
Complaints are investigated and resolved efficiently in a manner that is fair to all parties concerned
-
Enquiries are responded to professionally and efficiently
-
Meritorious applications for legal assistance are entertained and aggrieved individuals compensated
|
Monitoring and Supervising Compliance
|
Strategies |
Key Goals |
-
To investigate proactively and fairly into areas where the privacy risks are significant
-
To partner with other regulators, leveraging their legislative mandates, institutional tools and enforcement powers
-
To partner with overseas data protection authorities for handling cross-border privacy issues and complaints
|
-
Organisational data users are facilitated to meet their data protection obligations and adopt good privacy practices
|
Promotion
|
Strategies |
Key Goals |
-
To seek proactively the holistic engagement of stakeholders
-
To promote best practices among organisational data users on top of meeting minimum legal requirements
-
To maximise publicity and education impact through websites, publications and media exposure
-
To engage the community, in particular, young people
-
To use lessons learnt from investigations as a means of educating data users and data subjects
|
-
A better understanding of the laws and principles in the community is articulated, recognising not only the rights and obligations but also expectations and limitations in personal data protection
-
Organisations in public and private sector understand their obligations as data users under the Ordinance and the ways to meet them
-
Individual and organisational data users understand the role of the PCPD and the assistance the PCPD may provide
|
Corporate Governance
|
Strategies |
Key Goals |
-
To adhere to the principles of transparency and accountability
-
To maximise utilisation of resources to achieve economy, efficiency and effectiveness
-
To make continuous effort to streamline work procedures
-
To apply a “selective in order to be effective” approach in prioritising work, with an emphasis on assignments that will have the greatest impact
-
To build and maintain a loyal and professional team
|
-
High standard of corporate governance is achieved
|
Meeting Changing Needs
|
Strategies |
Key Goals |
-
To keep abreast of technological development
-
To monitor international development and trend
-
To keep track of evolving local privacy expectation
|
-
Existing and proposed laws and regulatory systems are relevant and effective
|